Vulnerabilities > Permissions, Privileges, and Access Controls
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-13 | CVE-2015-8768 | Permissions, Privileges, and Access Controls vulnerability in multiple products click/install.py in click does not require files in package filesystem tarballs to start with ./ (dot slash), which allows remote attackers to install an alternate security policy and gain privileges via a crafted package, as demonstrated by the test.mmrow app for Ubuntu phone. | 9.8 |
| 2017-02-09 | CVE-2016-8494 | Permissions, Privileges, and Access Controls vulnerability in Fortinet Connect Insufficient verification of uploaded files allows attackers with webui administrators privileges to perform arbitrary code execution by uploading a new webui theme. | 7.2 |
| 2017-02-08 | CVE-2016-5934 | Permissions, Privileges, and Access Controls vulnerability in IBM Tivoli Storage Manager Fastback IBM Tivoli Storage Manager FastBack installer could allow a remote attacker to execute arbitrary code on the system. | 7.3 |
| 2017-02-08 | CVE-2016-8481 | Permissions, Privileges, and Access Controls vulnerability in multiple products An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-02-08 | CVE-2016-8480 | Permissions, Privileges, and Access Controls vulnerability in multiple products An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-02-08 | CVE-2016-8476 | Permissions, Privileges, and Access Controls vulnerability in multiple products An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-02-08 | CVE-2016-8421 | Permissions, Privileges, and Access Controls vulnerability in multiple products An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-02-08 | CVE-2016-8420 | Permissions, Privileges, and Access Controls vulnerability in multiple products An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-02-08 | CVE-2016-8419 | Permissions, Privileges, and Access Controls vulnerability in multiple products An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-02-07 | CVE-2016-2779 | Permissions, Privileges, and Access Controls vulnerability in Kernel Util-Linux 2.24.21 runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. | 7.8 |