Vulnerabilities > Permissions, Privileges, and Access Controls
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-22 | CVE-2016-10929 | Permissions, Privileges, and Access Controls vulnerability in Advanced Ajax Page Loader Project Advanced Ajax Page Loader The advanced-ajax-page-loader plugin before 2.7.7 for WordPress has no protection against the reading of uploaded files when not logged in. | 5.0 |
2019-08-22 | CVE-2017-18584 | Permissions, Privileges, and Access Controls vulnerability in Post PAY Counter Project Post PAY Counter The post-pay-counter plugin before 2.731 for WordPress has no permissions check for an update-settinga action. | 5.0 |
2019-08-22 | CVE-2016-10923 | Permissions, Privileges, and Access Controls vulnerability in Visser Store Toolkit for Woocommerce The woocommerce-store-toolkit plugin before 1.5.8 for WordPress has privilege escalation. | 7.5 |
2019-08-22 | CVE-2016-10922 | Permissions, Privileges, and Access Controls vulnerability in Visser Store Toolkit for Woocommerce The woocommerce-store-toolkit plugin before 1.5.7 for WordPress has privilege escalation. | 7.5 |
2019-08-21 | CVE-2019-14257 | Permissions, Privileges, and Access Controls vulnerability in Zenoss 2.5.3 pyraw in Zenoss 2.5.3 allows local privilege escalation by modifying environment variables to redirect execution before privileges are dropped, aka ZEN-31765. | 7.2 |
2019-08-21 | CVE-2019-12634 | Permissions, Privileges, and Access Controls vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 5.0 |
2019-08-20 | CVE-2019-2122 | Permissions, Privileges, and Access Controls vulnerability in Google Android In LockTaskController.lockKeyguardIfNeeded of the LockTaskController.java, there was a difference in the handling of the default case between the WindowManager and the Settings. | 6.9 |
2019-08-14 | CVE-2016-10886 | Permissions, Privileges, and Access Controls vulnerability in Benjaminrojas WP Editor The wp-editor plugin before 1.2.6 for WordPress has incorrect permissions. | 9.8 |
2019-08-13 | CVE-2019-12808 | Permissions, Privileges, and Access Controls vulnerability in Estsoft Altools 18.1 ALTOOLS update service 18.1 and earlier versions contains a local privilege escalation vulnerability due to insecure permission. | 7.2 |
2019-08-02 | CVE-2017-18455 | Permissions, Privileges, and Access Controls vulnerability in Cpanel In cPanel before 62.0.17, addon domain conversion did not require a package for resellers (SEC-208). | 4.0 |