Vulnerabilities > Permissions, Privileges, and Access Controls
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-17 | CVE-2016-10398 | Permissions, Privileges, and Access Controls vulnerability in Google Android 6.0 Android 6.0 has an authentication bypass for attackers with root and physical access. | 6.2 |
| 2017-07-03 | CVE-2016-3998 | Permissions, Privileges, and Access Controls vulnerability in Netapp Altavault NetApp AltaVault 4.1 and earlier allows man-in-the-middle attackers to obtain sensitive information, gain privileges, or cause a denial of service via vectors related to the SMB protocol. | 8.1 |
| 2017-06-27 | CVE-2015-1795 | Permissions, Privileges, and Access Controls vulnerability in Redhat Gluster Storage 3.2 Red Hat Gluster Storage RPM Package 3.2 allows local users to gain privileges and execute arbitrary code as root. | 7.8 |
| 2017-06-27 | CVE-2015-1591 | Permissions, Privileges, and Access Controls vulnerability in Kamailio The kamailio build in kamailio before 4.2.0-2 process allows local users to gain privileges. | 7.8 |
| 2017-06-27 | CVE-2004-2778 | Permissions, Privileges, and Access Controls vulnerability in Gentoo Portage Ebuild in Gentoo may change directory and file permissions depending on the order of installed packages, which allows local users to read or write to restricted directories or execute restricted commands via navigating to the affected directories, or executing the affected commands. | 7.1 |
| 2017-06-27 | CVE-2016-9972 | Permissions, Privileges, and Access Controls vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.2 and 7.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
| 2017-06-26 | CVE-2016-8493 | Permissions, Privileges, and Access Controls vulnerability in Fortinet Forticlient 5.4.1/5.4.2 In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClientNamedPipe vulnerability. | 8.8 |
| 2017-06-16 | CVE-2016-10364 | Permissions, Privileges, and Access Controls vulnerability in Elastic Kibana 5.0.0/5.0.1 With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were not properly authenticating requests to advanced settings and the short URL service, any authenticated user could make requests to those services regardless of their own permissions. | 6.5 |
| 2017-06-13 | CVE-2016-10341 | Permissions, Privileges, and Access Controls vulnerability in Google Android In all Android releases from CAF using the Linux kernel, 3rd party TEEs have more privilege than intended. | 7.8 |
| 2017-06-13 | CVE-2016-9984 | Permissions, Privileges, and Access Controls vulnerability in IBM Maximo Asset Management 7.5/7.6 IBM Maximo Asset Management 7.5 and 7.6 could allow a remote authenticated attacker to execute arbitrary commands on the system as administrator. | 8.8 |