Vulnerabilities > Permissions, Privileges, and Access Controls
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-14 | CVE-2016-9215 | Permissions, Privileges, and Access Controls vulnerability in Cisco IOS XR 6.1.1 A vulnerability in Cisco IOS XR Software could allow an authenticated, local attacker to log in to the device with the privileges of the root user. | 7.8 |
| 2016-12-14 | CVE-2016-9192 | Permissions, Privileges, and Access Controls vulnerability in Cisco Anyconnect Secure Mobility Client A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account. | 7.8 |
| 2016-12-14 | CVE-2016-6470 | Permissions, Privileges, and Access Controls vulnerability in Cisco Hybrid Media Service 1.0Base A vulnerability in the installation procedure of the Cisco Hybrid Media Service could allow an authenticated, local attacker to elevate privileges to the root level. | 7.8 |
| 2016-12-14 | CVE-2016-6449 | Permissions, Privileges, and Access Controls vulnerability in Cisco Fireamp Connector Endpoint Software 4.4.0/4.4.2.10200 A vulnerability in the system management of certain FireAMP system processes in Cisco FireAMP Connector Endpoint software could allow an authenticated, local attacker to stop certain protected FireAMP processes without requiring a password. | 7.8 |
| 2016-12-13 | CVE-2016-6706 | Permissions, Privileges, and Access Controls vulnerability in Google Android An elevation of privilege vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. | 7.8 |
| 2016-12-13 | CVE-2016-5647 | Permissions, Privileges, and Access Controls vulnerability in Intel Graphics Driver The igdkmd64 module in the Intel Graphics Driver through 15.33.42.435, 15.36.x through 15.36.30.4385, and 15.40.x through 15.40.4404 on Windows allows local users to cause a denial of service (crash) or gain privileges via a crafted D3DKMTEscape request. | 7.8 |
| 2016-12-11 | CVE-2016-9849 | Permissions, Privileges, and Access Controls vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin. | 9.8 |
| 2016-12-09 | CVE-2016-9014 | Permissions, Privileges, and Access Controls vulnerability in multiple products Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOSTS. | 8.1 |
| 2016-12-08 | CVE-2015-8967 | Permissions, Privileges, and Access Controls vulnerability in multiple products arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local users to bypass the "strict page permissions" protection mechanism and modify the system-call table, and consequently gain privileges, by leveraging write access. | 7.8 |
| 2016-12-08 | CVE-2015-8966 | Permissions, Privileges, and Access Controls vulnerability in Linux Kernel arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted (1) F_OFD_GETLK, (2) F_OFD_SETLK, or (3) F_OFD_SETLKW command in an fcntl64 system call. | 7.8 |