Vulnerabilities > Permission Issues
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-01 | CVE-2013-4201 | Permission Issues vulnerability in Katello Katello allows remote authenticated users to call the "system remove_deletion" CLI command via vectors related to "remove system" permissions. | 4.3 |
| 2018-05-01 | CVE-2013-4040 | Permission Issues vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x before 7.2.1.5 and 7.2.x before 7.2.2.0 on Unix use weak permissions (755) for unspecified configuration and log files, which allows local users to obtain sensitive information by reading the files. | 2.1 |
| 2018-04-24 | CVE-2016-8732 | Permission Issues vulnerability in Sophos Invincea Dell Protected Workspace 5.1.122303 Multiple security flaws exists in InvProtectDrv.sys which is a part of Invincea Dell Protected Workspace 5.1.1-22303. | 7.8 |
| 2018-02-15 | CVE-2017-5809 | Permission Issues vulnerability in HP Data Protector A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found. | 4.9 |
| 2018-02-15 | CVE-2016-8520 | Permission Issues vulnerability in Eucalyptus HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM user's permissions for accessing versioned objects and ACLs. | 6.5 |
| 2018-01-31 | CVE-2014-1632 | Permission Issues vulnerability in Eventum Project Eventum htdocs/setup/index.php in Eventum before 2.3.5 allows remote attackers to inject and execute arbitrary PHP code via the hostname parameter. | 9.3 |
| 2018-01-31 | CVE-2014-1631 | Permission Issues vulnerability in Eventum Project Eventum Eventum before 2.3.5 allows remote attackers to reinstall the application via direct request to /setup/index.php. | 5.0 |
| 2018-01-12 | CVE-2017-16887 | Permission Issues vulnerability in Fiberhome Lm53Q1 Firmware Vh519R05C01S38 The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. | 5.0 |
| 2017-12-28 | CVE-2015-7889 | Permission Issues vulnerability in Google Android The SecEmailComposer/EmailComposer application in the Samsung S6 Edge before the October 2015 MR uses weak permissions for the com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND service action, which might allow remote attackers with knowledge of the local email address to obtain sensitive information via a crafted application that sends a crafted intent. | 4.3 |
| 2017-12-27 | CVE-2017-17876 | Permission Issues vulnerability in Iwcnetwork Shift 3.0 Biometric Shift Employee Management System 3.0 allows remote attackers to bypass intended file-read restrictions via a user=download request with a pathname in the path parameter. | 5.0 |