Vulnerabilities > Permissions, Privileges, and Access Controls

DATE CVE VULNERABILITY TITLE RISK
2019-04-09 CVE-2019-0796 Permissions, Privileges, and Access Controls vulnerability in Microsoft products
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-264
5.5
2019-04-09 CVE-2019-0731 Permissions, Privileges, and Access Controls vulnerability in Microsoft products
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-264
7.8
2019-04-09 CVE-2019-0730 Permissions, Privileges, and Access Controls vulnerability in Microsoft products
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-264
7.8
2019-04-05 CVE-2019-10885 Permissions, Privileges, and Access Controls vulnerability in Ivanti Workspace Control
An issue was discovered in Ivanti Workspace Control before 10.3.90.0.
local
low complexity
ivanti CWE-264
7.8
2019-03-23 CVE-2015-3965 Permissions, Privileges, and Access Controls vulnerability in Pfizer Symbiq Infusion System Firmware 3.13
Hospira Symbiq Infusion System 3.13 and earlier allows remote authenticated users to trigger "unanticipated operations" by leveraging "elevated privileges" for an unspecified call to an incorrectly exposed function.
network
low complexity
pfizer CWE-264
8.8
2019-03-21 CVE-2016-9166 Permissions, Privileges, and Access Controls vulnerability in Microfocus Netiq Edirectory 9.0
NetIQ eDirectory versions prior to 9.0.2, under some circumstances, could be susceptible to downgrade of communication security.
network
low complexity
microfocus CWE-264
7.5
2019-03-14 CVE-2019-0135 Permissions, Privileges, and Access Controls vulnerability in multiple products
Improper permissions in the installer for Intel(R) Accelerated Storage Manager in Intel(R) RSTe before version 5.5.0.2015 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel lenovo CWE-264
7.8
2019-03-14 CVE-2019-0129 Permissions, Privileges, and Access Controls vulnerability in Intel USB 3.0 Creator Utility
Improper permissions for Intel(R) USB 3.0 Creator Utility all versions may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-264
7.8
2019-03-14 CVE-2019-0121 Permissions, Privileges, and Access Controls vulnerability in Intel Matrix Storage Manager 8.9.0.1023
Improper permissions in Intel(R) Matrix Storage Manager 8.9.0.1023 and before may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-264
7.8
2019-03-14 CVE-2019-9768 Permissions, Privileges, and Access Controls vulnerability in Thinkst Canarytokens 20190301
Thinkst Canarytokens through commit hash 4e89ee0 (2019-03-01) relies on limited variation in size, metadata, and timestamp, which makes it easier for attackers to estimate whether a Word document contains a token.
network
low complexity
thinkst CWE-264
7.5