Vulnerabilities > Improper Access Control
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-01 | CVE-2016-5964 | Improper Access Control vulnerability in IBM Security Privileged Identity Manager 2.0.2 IBM Security Privileged Identity Manager Virtual Appliance version 2.0.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | 9.8 |
| 2017-01-31 | CVE-2016-9415 | Improper Access Control vulnerability in Mybb Merge System and Mybb MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows allow remote attackers to overwrite arbitrary CSS files via vectors related to "style import." | 7.5 |
| 2017-01-31 | CVE-2016-9413 | Improper Access Control vulnerability in Mybb The Admin control panel in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | 6.5 |
| 2017-01-31 | CVE-2016-9412 | Improper Access Control vulnerability in Mybb MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow attackers to have unspecified impact via vectors related to low adminsid and sid entropy. | 9.8 |
| 2017-01-31 | CVE-2015-8973 | Improper Access Control vulnerability in Mybb Merge System and Mybb xmlhttp.php in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to bypass intended access restrictions via vectors related to the forum password. | 8.3 |
| 2017-01-30 | CVE-2016-5026 | Improper Access Control vulnerability in Onionshare hs.py in OnionShare before 0.9.1 allows local users to modify the hiddenservice by pre-creating the /tmp/onionshare directory. | 5.5 |
| 2017-01-30 | CVE-2015-8140 | Improper Access Control vulnerability in NTP 4.2.4/4.2.7/4.2.8 The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to conduct replay attacks by sniffing the network. | 4.8 |
| 2017-01-30 | CVE-2015-8139 | Improper Access Control vulnerability in NTP 4.2.4/4.2.7/4.2.8 ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin timestamps and then impersonate peers via unspecified vectors. | 5.3 |
| 2017-01-27 | CVE-2016-8330 | Improper Access Control vulnerability in Oracle Solaris 11.3 Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). | 3.7 |
| 2017-01-27 | CVE-2016-8325 | Improper Access Control vulnerability in Oracle One-To-One Fulfillment Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Internal Operations). | 9.1 |