Vulnerabilities > Permissions, Privileges, and Access Controls

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-22	CVE-2016-10929	Permissions, Privileges, and Access Controls vulnerability in Advanced Ajax Page Loader Project Advanced Ajax Page Loader The advanced-ajax-page-loader plugin before 2.7.7 for WordPress has no protection against the reading of uploaded files when not logged in. network low complexity advanced-ajax-page-loader-project CWE-264	5.0
2019-08-22	CVE-2017-18584	Permissions, Privileges, and Access Controls vulnerability in Post PAY Counter Project Post PAY Counter The post-pay-counter plugin before 2.731 for WordPress has no permissions check for an update-settinga action. network low complexity post-pay-counter-project CWE-264	5.0
2019-08-22	CVE-2016-10923	Permissions, Privileges, and Access Controls vulnerability in Visser Store Toolkit for Woocommerce The woocommerce-store-toolkit plugin before 1.5.8 for WordPress has privilege escalation. network low complexity visser CWE-264	7.5
2019-08-22	CVE-2016-10922	Permissions, Privileges, and Access Controls vulnerability in Visser Store Toolkit for Woocommerce The woocommerce-store-toolkit plugin before 1.5.7 for WordPress has privilege escalation. network low complexity visser CWE-264	7.5
2019-08-21	CVE-2019-14257	Permissions, Privileges, and Access Controls vulnerability in Zenoss 2.5.3 pyraw in Zenoss 2.5.3 allows local privilege escalation by modifying environment variables to redirect execution before privileges are dropped, aka ZEN-31765. local low complexity zenoss CWE-264	7.2
2019-08-21	CVE-2019-12634	Permissions, Privileges, and Access Controls vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. network low complexity cisco CWE-264	5.0
2019-08-20	CVE-2019-2122	Permissions, Privileges, and Access Controls vulnerability in Google Android In LockTaskController.lockKeyguardIfNeeded of the LockTaskController.java, there was a difference in the handling of the default case between the WindowManager and the Settings. local google CWE-264	6.9
2019-08-14	CVE-2016-10886	Permissions, Privileges, and Access Controls vulnerability in Benjaminrojas WP Editor The wp-editor plugin before 1.2.6 for WordPress has incorrect permissions. network low complexity benjaminrojas CWE-264 critical	9.8
2019-08-13	CVE-2019-12808	Permissions, Privileges, and Access Controls vulnerability in Estsoft Altools 18.1 ALTOOLS update service 18.1 and earlier versions contains a local privilege escalation vulnerability due to insecure permission. local low complexity estsoft CWE-264	7.2
2019-08-02	CVE-2017-18455	Permissions, Privileges, and Access Controls vulnerability in Cpanel In cPanel before 62.0.17, addon domain conversion did not require a package for resellers (SEC-208). network low complexity cpanel CWE-264	4.0