Vulnerabilities > Permissions, Privileges, and Access Controls
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-03-15 | CVE-2015-7440 | Permissions, Privileges, and Access Controls vulnerability in IBM products IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 might allow local users to gain privileges via unspecified vectors. | 7.8 |
2018-03-12 | CVE-2016-8629 | Permissions, Privileges, and Access Controls vulnerability in Redhat Keycloak Red Hat Keycloak before version 2.4.0 did not correctly check permissions when handling service account user deletion requests sent to the rest server. | 6.5 |
2018-03-08 | CVE-2014-7272 | Permissions, Privileges, and Access Controls vulnerability in multiple products Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance (exploitation requires the user to win a race condition in the ~/.Xauthority chown case, but not other cases). | 7.8 |
2018-03-02 | CVE-2015-7967 | Permissions, Privileges, and Access Controls vulnerability in Gemalto Safenet Authentication Service for Citrix web Interface Agent SafeNet Authentication Service for Citrix Web Interface Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module. | 7.8 |
2018-03-02 | CVE-2015-7966 | Permissions, Privileges, and Access Controls vulnerability in Gemalto Safenet Authentication Service Windows Logon Agent SafeNet Authentication Service Windows Logon Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module, a different vulnerability than CVE-2015-7965. | 7.8 |
2018-03-02 | CVE-2015-7965 | Permissions, Privileges, and Access Controls vulnerability in Gemalto Safenet Authentication Service Windows Logon Agent SafeNet Authentication Service Windows Logon Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module, a different vulnerability than CVE-2015-7966. | 7.8 |
2018-03-02 | CVE-2015-7964 | Permissions, Privileges, and Access Controls vulnerability in Gemalto Safenet Authentication Service for NPS Agent SafeNet Authentication Service for NPS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module. | 7.8 |
2018-03-02 | CVE-2015-7963 | Permissions, Privileges, and Access Controls vulnerability in Gemalto Safenet Authentication Service for AD FS Agent SafeNet Authentication Service for AD FS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module. | 7.8 |
2018-03-02 | CVE-2015-7962 | Permissions, Privileges, and Access Controls vulnerability in Gemalto Safenet Authentication Service for Outlook web APP Agent SafeNet Authentication Service for Outlook Web App Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module. | 7.8 |
2018-03-02 | CVE-2015-7961 | Permissions, Privileges, and Access Controls vulnerability in Gemalto Safenet Authentication Service Remote web Workplace Agent SafeNet Authentication Service Remote Web Workplace Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module. | 7.8 |