| 2025-03-12 | CVE-2025-20145 | A vulnerability in the access control list (ACL) processing in the egress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability exists because certain packets are handled incorrectly when they are received on an ingress interface on one line card and destined out of an egress interface on another line card where the egress ACL is configured. | 5.8 |
| 2024-11-17 | CVE-2020-25720 | A vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-sensitive attributes, even after the object's creation. | 7.5 |
| 2019-09-04 | CVE-2019-10709 | Permissions, Privileges, and Access Controls vulnerability in Asus Precision Touchpad 11.0.0.25
AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overflow associated with the \\.\AsusTP device, leading to a DoS or potentially privilege escalation via a crafted DeviceIoControl call. | 9.8 |
| 2019-08-29 | CVE-2019-11245 | Permissions, Privileges, and Access Controls vulnerability in Kubernetes 1.13.6/1.14.2
In kubelet v1.13.6 and v1.14.2, containers for pods that do not specify an explicit runAsUser attempt to run as uid 0 (root) on container restart, or if the image was previously pulled to the node. | 7.8 |
| 2019-08-27 | CVE-2016-10935 | Permissions, Privileges, and Access Controls vulnerability in Visser Store Exporter for Woocommerce
The woocommerce-exporter plugin before 1.8.4 for WordPress has privilege escalation. | 9.8 |
| 2019-08-22 | CVE-2016-10929 | Permissions, Privileges, and Access Controls vulnerability in Advanced Ajax Page Loader Project Advanced Ajax Page Loader
The advanced-ajax-page-loader plugin before 2.7.7 for WordPress has no protection against the reading of uploaded files when not logged in. | 5.3 |
| 2019-08-22 | CVE-2017-18584 | Permissions, Privileges, and Access Controls vulnerability in Post PAY Counter Project Post PAY Counter
The post-pay-counter plugin before 2.731 for WordPress has no permissions check for an update-settinga action. | 7.5 |
| 2019-08-22 | CVE-2016-10923 | Permissions, Privileges, and Access Controls vulnerability in Visser Store Toolkit for Woocommerce
The woocommerce-store-toolkit plugin before 1.5.8 for WordPress has privilege escalation. | 9.8 |
| 2019-08-22 | CVE-2016-10922 | Permissions, Privileges, and Access Controls vulnerability in Visser Store Toolkit for Woocommerce
The woocommerce-store-toolkit plugin before 1.5.7 for WordPress has privilege escalation. | 9.8 |
| 2019-08-21 | CVE-2019-14257 | Permissions, Privileges, and Access Controls vulnerability in Zenoss 2.5.3
pyraw in Zenoss 2.5.3 allows local privilege escalation by modifying environment variables to redirect execution before privileges are dropped, aka ZEN-31765. | 7.8 |