Vulnerabilities > Permission Issues
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-28 | CVE-2015-7889 | Permission Issues vulnerability in Google Android The SecEmailComposer/EmailComposer application in the Samsung S6 Edge before the October 2015 MR uses weak permissions for the com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND service action, which might allow remote attackers with knowledge of the local email address to obtain sensitive information via a crafted application that sends a crafted intent. | 5.5 |
| 2017-12-27 | CVE-2017-17876 | Permission Issues vulnerability in Iwcnetwork Shift 3.0 Biometric Shift Employee Management System 3.0 allows remote attackers to bypass intended file-read restrictions via a user=download request with a pathname in the path parameter. | 7.5 |
| 2017-12-11 | CVE-2017-11463 | Permission Issues vulnerability in Ivanti Endpoint Manager 2016.4/2017.1/2017.3 In Ivanti Service Desk (formerly LANDESK Management Suite) versions between 2016.3 and 2017.3, an Unrestricted Direct Object Reference leads to referencing/updating objects belonging to other users. | 8.8 |
| 2017-11-22 | CVE-2017-8153 | Permission Issues vulnerability in Huawei Vmall Huawei VMall (for Android) with the versions before 1.5.8.5 have a privilege elevation vulnerability due to improper design. | 7.1 |
| 2017-11-22 | CVE-2017-2694 | Permission Issues vulnerability in Huawei Vmall The AlarmService component in HwVmall with software earlier than 1.5.2.0 versions has no control over calling permissions, allowing any third party to call. | 3.3 |
| 2017-10-23 | CVE-2017-7145 | Permission Issues vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 5.3 |
| 2017-10-23 | CVE-2017-7144 | Permission Issues vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 4.3 |
| 2017-10-23 | CVE-2017-7088 | Permission Issues vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 5.9 |
| 2017-10-13 | CVE-2016-4924 | Permission Issues vulnerability in Juniper Junos 14.1/15.1 An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host system read access to vMX or vPFE images and obtain sensitive information contained in them such as private cryptographic keys. | 5.5 |
| 2017-10-10 | CVE-2015-7842 | Permission Issues vulnerability in Huawei products Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before V100R002C00SPC701, RH1288A V2 with software before V100R002C00SPC502, RH8100 V3 with software before V100R003C00SPC110, CH222 V3 with software before V100R001C00SPC161, CH220 V3 with software before V100R001C00SPC161, and CH121 V3 with software before V100R001C00SPC161 allow remote authenticated operators to change server information by leveraging failure to verify user permissions. | 7.1 |