Vulnerabilities > Improper Access Control

DATE CVE VULNERABILITY TITLE RISK
2019-08-01 CVE-2018-20890 Improper Access Control vulnerability in Cpanel
cPanel before 74.0.0 allows arbitrary zone file modifications during record edits (SEC-426).
network
low complexity
cpanel CWE-284
4.3
2019-07-30 CVE-2019-10130 Improper Access Control vulnerability in multiple products
A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x up to, excluding 9.5.17.
network
low complexity
postgresql opensuse CWE-284
4.3
2019-07-30 CVE-2017-18380 Improper Access Control vulnerability in EDX Edx-Platform
edx-platform before 2017-08-03 allows attackers to trigger password-reset e-mail messages in which the reset link has an attacker-controlled domain name.
network
low complexity
edx CWE-284
7.5
2019-07-22 CVE-2018-13896 Improper Access Control vulnerability in Qualcomm products
XBL_SEC image authentication and other crypto related validations are accessible to a compromised OEM XBL Loader due to missing lock at XBL_SEC stage..
local
low complexity
qualcomm CWE-284
7.8
2019-07-11 CVE-2019-1010316 Improper Access Control vulnerability in Pyxtrlock Project Pyxtrlock 0.1/0.2/0.3
pyxtrlock 0.3 and earlier is affected by: Incorrect Access Control.
local
low complexity
pyxtrlock-project CWE-284
7.8
2019-07-11 CVE-2018-19588 Improper Access Control vulnerability in Alarm Adc-V522Ir Firmware 0100B9
Alarm.com ADC-V522IR 0100b9 devices have Incorrect Access Control.
network
low complexity
alarm CWE-284
7.2
2019-07-11 CVE-2018-17151 Improper Access Control vulnerability in Intersystems Cache 2017.2.2.865.0/2018.1.2
Intersystems Cache 2017.2.2.865.0 has Incorrect Access Control.
network
low complexity
intersystems CWE-284
5.4
2019-07-11 CVE-2018-11744 Improper Access Control vulnerability in Cloudera Manager
Cloudera Manager through 5.15 has Incorrect Access Control.
network
high complexity
cloudera CWE-284
8.1
2019-07-10 CVE-2018-19576 Improper Access Control vulnerability in Gitlab
GitLab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an access control issue that allows a Guest user to make changes to or delete their own comments on an issue, after the issue was made Confidential.
network
low complexity
gitlab CWE-284
8.1
2019-07-10 CVE-2018-19577 Improper Access Control vulnerability in Gitlab
Gitlab CE/EE, versions 8.6 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an incorrect access control vulnerability that displays to an unauthorized user the title and namespace of a confidential issue.
network
low complexity
gitlab CWE-284
5.3