Vulnerabilities > Improper Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-05-02 | CVE-2016-5063 | Improper Authorization vulnerability in BMC Server Automation The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 before Patch 3 on Windows might allow remote attackers to bypass authorization checks and make an RPC call via unspecified vectors. | 5.0 |
2017-04-02 | CVE-2016-8776 | Improper Authorization vulnerability in Huawei P9 Firmware and P9 Lite Firmware Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some functional modules without authorization and perform operations to update the Google account. | 2.1 |
2017-03-28 | CVE-2016-9464 | Improper Authorization vulnerability in Nextcloud Server Nextcloud Server before 9.0.54 and 10.0.0 suffers from an improper authorization check on removing shares. | 4.0 |
2017-02-20 | CVE-2016-7651 | Improper Authorization vulnerability in Apple Iphone OS and Watchos An issue was discovered in certain Apple products. | 4.6 |
2017-01-12 | CVE-2016-8443 | Improper Authorization vulnerability in Linux Kernel 3.18 Possible unauthorized memory access in the hypervisor. | 7.2 |
2016-12-26 | CVE-2016-9217 | Improper Authorization vulnerability in Cisco Intercloud Fabric 2.2.1Base/2.3.1Base/3.1.1Base A vulnerability in Cisco Intercloud Fabric for Business and Cisco Intercloud Fabric for Providers could allow an unauthenticated, remote attacker to connect to the database used by these products. | 6.5 |
2016-12-12 | CVE-2016-9938 | Improper Authorization vulnerability in Digium Asterisk and Certified Asterisk An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14.x before 14.2.1 and Certified Asterisk 11.x before 11.6-cert16 and 13.x before 13.8-cert4. | 5.0 |
2016-11-25 | CVE-2016-5788 | Improper Authorization vulnerability in GE products General Electric (GE) Bently Nevada 3500/22M USB with firmware before 5.0 and Bently Nevada 3500/22M Serial have open ports, which makes it easier for remote attackers to obtain privileged access via unspecified vectors. | 10.0 |
2016-10-16 | CVE-2016-7097 | Improper Authorization vulnerability in Linux Kernel The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. | 4.4 |
2016-10-06 | CVE-2015-1000007 | Improper Authorization vulnerability in Wptf-Image-Gallery Project Wptf-Image-Gallery 1.03 Remote file download vulnerability in wptf-image-gallery v1.03 | 5.0 |