Vulnerabilities > Permission Issues
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-28 | CVE-2015-8300 | Permission Issues vulnerability in Polycom Btoe Connector 2.3.0 Polycom BToE Connector before 3.0.0 uses weak permissions (Everyone: Full Control) for "Program Files (x86)\polycom\polycom btoe connector\plcmbtoesrv.exe," which allows local users to gain privileges via a Trojan horse file. | 7.8 |
| 2017-08-18 | CVE-2015-5153 | Permission Issues vulnerability in Pulp Project Pulp Pulp does not remove permissions for named objects upon deletion, which allows authenticated users to gain the privileges of a deleted object via creating an object with the same name. | 8.8 |
| 2017-06-27 | CVE-2015-7781 | Permission Issues vulnerability in Zohocorp Manageengine Firewall Analyzer 7.2/7.4/7.6 ManageEngine Firewall Analyzer before 8.0 does not restrict access permissions. | 7.5 |
| 2017-04-17 | CVE-2016-4873 | Permission Issues vulnerability in Cybozu Office Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to execute unintended operations via the Project function. | 4.3 |
| 2017-04-13 | CVE-2015-8223 | Permission Issues vulnerability in Huawei P7 Firmware and P8 Ale-Ul00 Firmware Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B85, and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service (OS crash) by leveraging camera permissions and via crafted input to the camera driver. | 5.5 |
| 2017-03-20 | CVE-2016-2406 | Permission Issues vulnerability in Huawei Document Security Management V100R002C03Spc005/V100R002C05Spc661 The permission control module in Huawei Document Security Management (aka DSM) before V100R002C05SPC670 allows remote authenticated users to obtain sensitive information from encrypted documents by leveraging incorrect control of permissions on the PrintScreen button. | 4.3 |
| 2017-03-11 | CVE-2017-6513 | Permission Issues vulnerability in Softaculous Whmcs Reseller Module 2.0.2 The WHMCS Reseller Module V2 2.0.2 in Softaculous Virtualizor before 2.9.1.0 does not verify the user correctly, which allows remote authenticated users to control other virtual machines managed by Virtualizor by accessing a modified URL. | 9.9 |
| 2017-02-27 | CVE-2016-7553 | Permission Issues vulnerability in Irssi Buf.Pl 2.13 The buf.pl script before 2.20 in Irssi before 0.8.20 uses weak permissions for the scrollbuffer dump file created between upgrades, which might allow local users to obtain sensitive information from private chat conversations by reading the file. | 3.3 |
| 2017-02-03 | CVE-2016-6648 | Permission Issues vulnerability in EMC Recoverpoint and Recoverpoint for Virtual Machines EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions before 5.0 are affected by sensitive information disclosure vulnerability as a result of incorrect permissions set on a sensitive system file. | 4.4 |
| 2017-02-01 | CVE-2016-3022 | Permission Issues vulnerability in IBM products IBM Security Access Manager for Web could allow an authenticated user to gain access to highly sensitive information due to incorrect file permissions. | 6.5 |