Vulnerabilities > Permissions, Privileges, and Access Controls
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-07 | CVE-2015-8621 | Permissions, Privileges, and Access Controls vulnerability in Tcoffee T-Coffee 11.00.8Cbe4861 t-coffee before 11.00.8cbe486-2 allows local users to write to ~/.t_coffee globally. | 5.5 |
| 2017-08-07 | CVE-2015-7875 | Permissions, Privileges, and Access Controls vulnerability in Chaos Tool Suite Project Ctools ctools 6.x-1.x before 6.x-1.14 and 7.x-1.x before 7.x-1.8 in Drupal does not verify the "edit" permission for the "content type" plugins that are used on Panels and similar systems to place content and functionality on a page. | 7.5 |
| 2017-08-07 | CVE-2015-7561 | Permissions, Privileges, and Access Controls vulnerability in multiple products Kubernetes in OpenShift3 allows remote authenticated users to use the private images of other users should they know the name of said image. | 3.1 |
| 2017-08-07 | CVE-2015-1378 | Permissions, Privileges, and Access Controls vulnerability in Grml Grml-Debootstrap cmdlineopts.clp in grml-debootstrap in Debian 0.54, 0.68.x before 0.68.1, 0.7x before 0.78 is sourced without checking that the local directory is writable by non-root users. | 7.5 |
| 2017-08-07 | CVE-2014-9262 | Permissions, Privileges, and Access Controls vulnerability in Snapcreek Duplicator The Duplicator plugin in Wordpress before 0.5.10 allows remote authenticated users to create and download backup files. | 8.2 |
| 2017-08-07 | CVE-2014-9260 | Permissions, Privileges, and Access Controls vulnerability in Downloadmanager Download Manager The basic_settings function in the download manager plugin for WordPress before 2.7.3 allows remote authenticated users to update every WordPress option. | 8.8 |
| 2017-08-02 | CVE-2015-2560 | Permissions, Privileges, and Access Controls vulnerability in Zohocorp Manageengine Desktop Central 9.0 Manage Engine Desktop Central 9 before build 90135 allows remote attackers to change passwords of users with the Administrator role via an addOrModifyUser operation to servlets/DCOperationsServlet. | 9.8 |
| 2017-08-02 | CVE-2016-7845 | Permissions, Privileges, and Access Controls vulnerability in Gigaccsecure Gigacc Office 2.3 GigaCC OFFICE ver.2.3 and earlier allows remote attackers to upload arbitrary files as a user profile image, which may be exploited for unauthorized file sharing. | 6.5 |
| 2017-07-17 | CVE-2016-10398 | Permissions, Privileges, and Access Controls vulnerability in Google Android 6.0 Android 6.0 has an authentication bypass for attackers with root and physical access. | 6.2 |
| 2017-07-03 | CVE-2016-3998 | Permissions, Privileges, and Access Controls vulnerability in Netapp Altavault NetApp AltaVault 4.1 and earlier allows man-in-the-middle attackers to obtain sensitive information, gain privileges, or cause a denial of service via vectors related to the SMB protocol. | 8.1 |