Vulnerabilities > Permissions, Privileges, and Access Controls
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-23 | CVE-2015-5682 | Permissions, Privileges, and Access Controls vulnerability in Powerplay Gallery Project Powerplay Gallery 3.3 upload.php in the Powerplay Gallery plugin 3.3 for WordPress allows remote attackers to create arbitrary directories via vectors related to the targetDir variable. | 7.5 |
| 2017-05-23 | CVE-2015-4045 | Permissions, Privileges, and Access Controls vulnerability in Alienvault Open Source Security Information Management The sudoers file in the asset discovery scanner in AlienVault OSSIM before 5.0.1 allows local users to gain privileges via a crafted nmap script. | 6.7 |
| 2017-05-22 | CVE-2016-6112 | Permissions, Privileges, and Access Controls vulnerability in IBM products IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. | 8.8 |
| 2017-05-16 | CVE-2016-10372 | Permissions, Privileges, and Access Controls vulnerability in EIR D1000 Modem Firmware The Eir D1000 modem does not properly restrict the TR-064 protocol, which allows remote attackers to execute arbitrary commands via TCP port 7547, as demonstrated by opening WAN access to TCP port 80, retrieving the login password (which defaults to the Wi-Fi password), and using the NewNTPServer feature. | 9.8 |
| 2017-05-16 | CVE-2016-10238 | Permissions, Privileges, and Access Controls vulnerability in Google Android In QSEE in all Android releases from CAF using the Linux kernel access control may potentially be bypassed due to a page alignment issue. | 7.8 |
| 2017-05-15 | CVE-2016-5979 | Permissions, Privileges, and Access Controls vulnerability in IBM Distributed Marketing IBM Distributed Marketing 8.6, 9.0, and 10.0 could allow a privileged authenticated user to create an instance that gets created with security profile not valid for the templates, that results in the new instance not accessible for the intended user. | 2.7 |
| 2017-05-12 | CVE-2016-10291 | Permissions, Privileges, and Access Controls vulnerability in Linux Kernel 3.10 An elevation of privilege vulnerability in the Qualcomm Slimbus driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-05-12 | CVE-2016-10290 | Permissions, Privileges, and Access Controls vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the Qualcomm shared memory driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-05-12 | CVE-2016-10289 | Permissions, Privileges, and Access Controls vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the Qualcomm crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-05-12 | CVE-2016-10288 | Permissions, Privileges, and Access Controls vulnerability in Linux Kernel 3.18 An elevation of privilege vulnerability in the Qualcomm LED driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |