Vulnerabilities > Permissions, Privileges, and Access Controls

DATE CVE VULNERABILITY TITLE RISK
2019-08-14 CVE-2016-10886 Permissions, Privileges, and Access Controls vulnerability in Benjaminrojas WP Editor
The wp-editor plugin before 1.2.6 for WordPress has incorrect permissions.
network
low complexity
benjaminrojas CWE-264
critical
9.8
2019-08-02 CVE-2017-18455 Permissions, Privileges, and Access Controls vulnerability in Cpanel
In cPanel before 62.0.17, addon domain conversion did not require a package for resellers (SEC-208).
network
low complexity
cpanel CWE-264
2.7
2019-08-02 CVE-2017-18451 Permissions, Privileges, and Access Controls vulnerability in Cpanel
cPanel before 64.0.21 allows attackers to read a user's crontab file during a short time interval upon a cPAddon upgrade (SEC-257).
network
low complexity
cpanel CWE-264
5.3
2019-08-02 CVE-2017-18450 Permissions, Privileges, and Access Controls vulnerability in Cpanel
cPanel before 64.0.21 allows certain file-chmod operations via /scripts/convert_roundcube_mysql2sqlite (SEC-255).
local
high complexity
cpanel CWE-264
4.5
2019-08-02 CVE-2017-18413 Permissions, Privileges, and Access Controls vulnerability in Cpanel
In cPanel before 67.9999.103, the backup system overwrites root's home directory when a mount disappears (SEC-299).
local
low complexity
cpanel CWE-264
7.8
2019-08-02 CVE-2017-18399 Permissions, Privileges, and Access Controls vulnerability in Cpanel
cPanel before 68.0.15 allows attackers to read root's crontab file during a short time interval upon enabling or disabling sqloptimizer (SEC-332).
network
high complexity
cpanel CWE-264
3.7
2019-08-02 CVE-2017-18383 Permissions, Privileges, and Access Controls vulnerability in Cpanel
cPanel before 68.0.15 writes home-directory backups to an incorrect location (SEC-309).
local
low complexity
cpanel CWE-264
7.8
2019-07-17 CVE-2019-11771 Permissions, Privileges, and Access Controls vulnerability in Eclipse Openj9
AIX builds of Eclipse OpenJ9 before 0.15.0 contain unused RPATHs which may facilitate code injection and privilege elevation by local users.
local
low complexity
eclipse CWE-264
7.8
2019-07-03 CVE-2017-8230 Permissions, Privileges, and Access Controls vulnerability in Amcrest Ipm-721S Firmware 2.420.Ac00.16.R.20160909
On Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices, the users on the device are divided into 2 groups "admin" and "user".
network
low complexity
amcrest CWE-264
8.8
2019-07-03 CVE-2017-8228 Permissions, Privileges, and Access Controls vulnerability in Amcrest Ipm-721S Firmware 2.420.Ac00.16.R.20160909
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices mishandle reboots within the past two hours.
network
low complexity
amcrest CWE-264
8.8