Vulnerabilities > Permissions, Privileges, and Access Controls

DATE CVE VULNERABILITY TITLE RISK
2017-03-23 CVE-2016-1597 Permissions, Privileges, and Access Controls vulnerability in NetIQ Access Governance Suite
A logged-in user in NetIQ Access Governance Suite 6.0 through 6.4 could escalate privileges to administrator.
Attack vector: network; complexity: low; vendor: netiq; CWE-264; risk: 8.8
2017-03-20 CVE-2016-5857 Permissions, Privileges, and Access Controls vulnerability in Google Android 7.0
The Qualcomm SPCom driver in Android before 7.0 allows local users to execute arbitrary code within the context of the kernel via a crafted application, aka Android internal bug 34386529 and Qualcomm internal bug CR#1094140.
Attack vector: local; complexity: low; vendor: google; CWE-264; risk: 7.8
2017-03-20 CVE-2015-8954 Permissions, Privileges, and Access Controls vulnerability in Openinfosecfoundation Suricata
The MemcmpLowercase function in Suricata before 2.0.6 improperly excludes the first byte from comparisons, which might allow remote attackers to bypass intrusion-prevention functionality via a crafted HTTP request.
Attack vector: network; complexity: low; vendor: openinfosecfoundation; CWE-264; risk: 9.8 (critical)
2017-03-20 CVE-2015-1610 Permissions, Privileges, and Access Controls vulnerability in OpenDaylight L2Switch
hosttracker in OpenDaylight l2switch allows remote attackers to change the host location information by spoofing the MAC address, aka "topology spoofing."
Attack vector: network; complexity: low; vendor: opendaylight; CWE-264; risk: 5.3
2017-03-17 CVE-2014-8708 Permissions, Privileges, and Access Controls vulnerability in Pluck-Cms Pluck 4.7.2
Pluck CMS 4.7.2 allows remote attackers to execute arbitrary code via the blog form feature.
Attack vector: network; complexity: low; vendor: pluck-cms; CWE-264; risk: 9.8 (critical)
2017-03-16 CVE-2016-10187 Permissions, Privileges, and Access Controls vulnerability in Calibre-Ebook Calibre
The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript.
Attack vector: local; complexity: low; vendor: calibre-ebook; CWE-264; risk: 5.5
2017-03-15 CVE-2016-7955 Permissions, Privileges, and Access Controls vulnerability in AlienVault OSSIM and Unified Security Management
The logcheck function in session.inc in AlienVault OSSIM before 5.3.1, when an action has been created, and USM before 5.3.1 allows remote attackers to bypass authentication and consequently obtain sensitive information, modify the application, or execute arbitrary code as root via an "AV Report Scheduler" HTTP User-Agent header.
Attack vector: network; complexity: low; vendor: alienvault; CWE-264; risk: 9.8 (critical)
2017-03-14 CVE-2016-8026 Permissions, Privileges, and Access Controls vulnerability in McAfee Security Scan Plus 2.0.181.2/3.11.376/3.11.469
Arbitrary command execution vulnerability in Intel Security McAfee Security Scan Plus (SSP) 3.11.469 and earlier allows authenticated users to gain elevated privileges via unspecified vectors.
Attack vector: local; complexity: low; vendor: mcafee; CWE-264; risk: 7.8
2017-03-14 CVE-2016-8012 Permissions, Privileges, and Access Controls vulnerability in McAfee Data Loss Prevention Endpoint
Access control vulnerability in Intel Security Data Loss Prevention Endpoint (DLPe) 9.4.200 and 9.3.600 allows authenticated users with Read-Write-Execute permissions to inject hook DLLs into other processes via pages in the target process memory get.
Attack vector: local; complexity: low; vendor: mcafee; CWE-264; risk: 7.8
2017-03-14 CVE-2016-8009 Permissions, Privileges, and Access Controls vulnerability in McAfee Application Control
Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code execution via an unauthorized use of IOCTL call.
Attack vector: local; complexity: low; vendor: mcafee; CWE-264; risk: 7.8