Vulnerabilities > Permissions, Privileges, and Access Controls

DATE CVE VULNERABILITY TITLE RISK
2017-06-27 CVE-2015-1795 Permissions, Privileges, and Access Controls vulnerability in Redhat Gluster Storage 3.2
Red Hat Gluster Storage RPM Package 3.2 allows local users to gain privileges and execute arbitrary code as root.
local
low complexity
redhat CWE-264
7.8
2017-06-27 CVE-2015-1591 Permissions, Privileges, and Access Controls vulnerability in Kamailio
The kamailio build in kamailio before 4.2.0-2 process allows local users to gain privileges.
local
low complexity
kamailio CWE-264
7.8
2017-06-27 CVE-2004-2778 Permissions, Privileges, and Access Controls vulnerability in Gentoo Portage
Ebuild in Gentoo may change directory and file permissions depending on the order of installed packages, which allows local users to read or write to restricted directories or execute restricted commands via navigating to the affected directories, or executing the affected commands.
local
low complexity
gentoo CWE-264
7.1
2017-06-27 CVE-2016-9972 Permissions, Privileges, and Access Controls vulnerability in IBM Qradar Security Information and Event Manager
IBM QRadar 7.2 and 7.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.
network
high complexity
ibm CWE-264
5.9
2017-06-26 CVE-2016-8493 Permissions, Privileges, and Access Controls vulnerability in Fortinet Forticlient 5.4.1/5.4.2
In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClientNamedPipe vulnerability.
network
low complexity
fortinet CWE-264
8.8
2017-06-16 CVE-2016-10364 Permissions, Privileges, and Access Controls vulnerability in Elastic Kibana 5.0.0/5.0.1
With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were not properly authenticating requests to advanced settings and the short URL service, any authenticated user could make requests to those services regardless of their own permissions.
network
low complexity
elastic CWE-264
6.5
2017-06-13 CVE-2016-10341 Permissions, Privileges, and Access Controls vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, 3rd party TEEs have more privilege than intended.
local
low complexity
google CWE-264
7.8
2017-06-13 CVE-2016-9984 Permissions, Privileges, and Access Controls vulnerability in IBM Maximo Asset Management 7.5/7.6
IBM Maximo Asset Management 7.5 and 7.6 could allow a remote authenticated attacker to execute arbitrary commands on the system as administrator.
network
low complexity
ibm CWE-264
8.8
2017-06-13 CVE-2015-4596 Permissions, Privileges, and Access Controls vulnerability in Lenovo Mouse Suite 6.72
Lenovo Mouse Suite before 6.73 allows local users to run arbitrary code with administrator privileges.
local
low complexity
lenovo CWE-264
7.8
2017-06-09 CVE-2016-7818 Permissions, Privileges, and Access Controls vulnerability in Japan Pension Service products
Untrusted search path vulnerability in Installers for Specification check program (social insurance) Ver.
local
low complexity
japan-pension-service CWE-264
7.8