Vulnerabilities > Improper Access Control
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-13 | CVE-2016-6543 | Improper Access Control vulnerability in Ieasytec Itrack Easy A captured MAC/device ID of an iTrack Easy can be registered under multiple user accounts allowing access to getgps GPS data, which can allow unauthenticated parties to track the device. | 5.9 |
| 2018-07-11 | CVE-2013-2972 | Improper Access Control vulnerability in IBM Websphere Cast Iron Cloud Integration 6.0.0.0/6.1.0.0/6.3.0.0 IBM WebSphere Cast Iron 6.3 allows remote attackers to bypass intended access restrictions via unspecified vectors. | 7.5 |
| 2018-06-11 | CVE-2016-9905 | Improper Access Control vulnerability in multiple products A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. | 8.8 |
| 2018-05-11 | CVE-2009-5151 | Improper Access Control vulnerability in Absolute Computrace Agent 70.785 The stub component of Absolute Computrace Agent V70.785 executes code from a disk's inter-partition space without requiring a digital signature for that code, which allows attackers to execute code on the BIOS. | 6.7 |
| 2018-05-11 | CVE-2009-5150 | Improper Access Control vulnerability in Absolute Computrace Agent 80.845/80.866 Absolute Computrace Agent V80.845 and V80.866 does not have a digital signature for the configuration block, which allows attackers to set up communication with a web site other than the intended search.namequery.com site by modifying data within a disk's inter-partition space. | 6.7 |
| 2018-05-02 | CVE-2013-6272 | Improper Access Control vulnerability in Google Android The NotificationBroadcastReceiver class in the com.android.phone process in Google Android 4.1.1 through 4.4.2 allows attackers to bypass intended access restrictions and consequently make phone calls to arbitrary numbers, send mmi or ussd codes, or hangup ongoing calls via a crafted application. | 7.8 |
| 2018-04-27 | CVE-2013-6739 | Improper Access Control vulnerability in IBM Spss Modeler IBM SPSS Modeler before 16 on UNIX allows remote authenticated users to bypass intended access restrictions via an SSO token. | 5.4 |
| 2018-04-25 | CVE-2014-0881 | Improper Access Control vulnerability in IBM Integrated Management Module Firmware The TPM on Integrated Management Module II (IMM2) on IBM Flex System x222 servers with firmware 1.00 through 3.56 allows remote attackers to obtain sensitive key information or cause a denial of service by leveraging an incorrect configuration. | 7.4 |
| 2018-04-24 | CVE-2016-9599 | Improper Access Control vulnerability in multiple products puppet-tripleo before versions 5.5.0, 6.2.0 is vulnerable to an access-control flaw in the IPtables rules management, which allowed the creation of TCP/UDP rules with empty port values. | 7.5 |
| 2018-04-20 | CVE-2014-6109 | Improper Access Control vulnerability in IBM Security Identity Manager and Tivoli Identity Manager IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and Security Identity Manager 6.0.x before 6.0.0.4-ISS-SIM-IF0001 and 7.0.x before 7.0.0.0-ISS-SIM-IF0003 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information via vectors related to server side LDAP queries. | 5.3 |