Vulnerabilities > Permissions, Privileges, and Access Controls
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-12 | CVE-2016-10275 | Permissions, Privileges, and Access Controls vulnerability in Google Android An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.8 |
| 2017-05-12 | CVE-2016-10274 | Permissions, Privileges, and Access Controls vulnerability in Google Android An elevation of privilege vulnerability in the MediaTek touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.8 |
| 2017-05-11 | CVE-2016-9097 | Permissions, Privileges, and Access Controls vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users. | 7.2 |
| 2017-05-11 | CVE-2016-2126 | Permissions, Privileges, and Access Controls vulnerability in Samba Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. | 6.5 |
| 2017-05-10 | CVE-2016-9250 | Permissions, Privileges, and Access Controls vulnerability in F5 products In F5 BIG-IP 11.2.1, 11.4.0 through 11.6.1, and 12.0.0 through 12.1.2, an unauthenticated user with access to the control plane may be able to delete arbitrary files through an undisclosed mechanism. | 7.5 |
| 2017-05-09 | CVE-2016-9251 | Permissions, Privileges, and Access Controls vulnerability in F5 products In F5 BIG-IP 12.0.0 through 12.1.2, an authenticated attacker may be able to cause an escalation of privileges through a crafted iControl REST connection. | 8.8 |
| 2017-05-08 | CVE-2016-8202 | Permissions, Privileges, and Access Controls vulnerability in Broadcom Fabric Operating System A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. | 8.8 |
| 2017-05-02 | CVE-2015-9004 | Permissions, Privileges, and Access Controls vulnerability in multiple products kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions. | 7.8 |
| 2017-05-01 | CVE-2016-8649 | Permissions, Privileges, and Access Controls vulnerability in Linuxcontainers LXC lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat() family of syscalls. | 9.1 |
| 2017-04-28 | CVE-2016-8592 | Permissions, Privileges, and Access Controls vulnerability in Trendmicro Threat Discovery Appliance 2.6.1062 log_query_system.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter. | 8.8 |