Latest Permissions, Privileges, and Access Controls Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2019-08-02 CVE-2017-18451 Permissions, Privileges, and Access Controls vulnerability in Cpanel
cPanel before 64.0.21 allows attackers to read a user's crontab file during a short time interval upon a cPAddon upgrade (SEC-257).
network
low complexity
cpanel CWE-264
5.0
2019-08-02 CVE-2017-18450 Permissions, Privileges, and Access Controls vulnerability in Cpanel
cPanel before 64.0.21 allows certain file-chmod operations via /scripts/convert_roundcube_mysql2sqlite (SEC-255).
4.4
2019-08-02 CVE-2017-18413 Permissions, Privileges, and Access Controls vulnerability in Cpanel
In cPanel before 67.9999.103, the backup system overwrites root's home directory when a mount disappears (SEC-299).
local
low complexity
cpanel CWE-264
4.6
2019-08-02 CVE-2017-18399 Permissions, Privileges, and Access Controls vulnerability in Cpanel
cPanel before 68.0.15 allows attackers to read root's crontab file during a short time interval upon enabling or disabling sqloptimizer (SEC-332).
4.3
2019-08-02 CVE-2017-18383 Permissions, Privileges, and Access Controls vulnerability in Cpanel
cPanel before 68.0.15 writes home-directory backups to an incorrect location (SEC-309).
local
low complexity
cpanel CWE-264
4.6
2019-07-17 CVE-2019-11771 Permissions, Privileges, and Access Controls vulnerability in Eclipse Openj9
AIX builds of Eclipse OpenJ9 before 0.15.0 contain unused RPATHs which may facilitate code injection and privilege elevation by local users.
local
low complexity
eclipse CWE-264
4.6
2019-07-11 CVE-2019-10915 Permissions, Privileges, and Access Controls vulnerability in Siemens TIA Administrator 1.0
A vulnerability has been identified in TIA Administrator (All versions < V1.0 SP1 Upd1).
local
low complexity
siemens CWE-264
4.6
2019-07-03 CVE-2017-8230 Permissions, Privileges, and Access Controls vulnerability in Amcrest Ipm-721S Firmware
On Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices, the users on the device are divided into 2 groups "admin" and "user".
network
low complexity
amcrest CWE-264
4.0
2019-07-03 CVE-2017-8228 Permissions, Privileges, and Access Controls vulnerability in Amcrest Ipm-721S Firmware
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices mishandle reboots within the past two hours.
6.8
2019-07-01 CVE-2019-13125 Permissions, Privileges, and Access Controls vulnerability in Tencent Habomalhunter 2.0.0.2/2.0.0.3
HaboMalHunter through 2.0.0.3 in Tencent Habo allows attackers to evade dynamic malware analysis via PIE compilation.
6.8