Vulnerabilities > Permissions, Privileges, and Access Controls
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-14 | CVE-2019-0121 | Permissions, Privileges, and Access Controls vulnerability in Intel Matrix Storage Manager 8.9.0.1023 Improper permissions in Intel(R) Matrix Storage Manager 8.9.0.1023 and before may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2019-03-14 | CVE-2019-9768 | Permissions, Privileges, and Access Controls vulnerability in Thinkst Canarytokens 20190301 Thinkst Canarytokens through commit hash 4e89ee0 (2019-03-01) relies on limited variation in size, metadata, and timestamp, which makes it easier for attackers to estimate whether a Word document contains a token. | 7.5 |
| 2019-03-09 | CVE-2019-9637 | Permissions, Privileges, and Access Controls vulnerability in multiple products An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. | 7.5 |
| 2019-03-08 | CVE-2019-3779 | Permissions, Privileges, and Access Controls vulnerability in Cloudfoundry Container Runtime Cloud Foundry Container Runtime, versions prior to 0.29.0, deploys Kubernetes clusters utilize the same CA (Certificate Authority) to sign and trust certs for ETCD as used by the Kubernetes API. | 8.8 |
| 2019-02-07 | CVE-2019-1660 | Permissions, Privileges, and Access Controls vulnerability in Cisco Telepresence Management Suite A vulnerability in the Simple Object Access Protocol (SOAP) of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. | 5.3 |
| 2018-10-30 | CVE-2015-7266 | Permissions, Privileges, and Access Controls vulnerability in IAB Open Real-Time Bidding 2.3 The Interactive Advertising Bureau (IAB) OpenRTB 2.3 protocol implementation might allow remote attackers to conceal the status of ad transactions and potentially compromise bid integrity by leveraging failure to limit the time between bid responses and impression notifications, aka the Amnesia Bug. | 7.5 |
| 2018-10-24 | CVE-2016-10730 | Permissions, Privileges, and Access Controls vulnerability in multiple products An issue was discovered in Amanda 3.3.1. | 7.8 |
| 2018-09-21 | CVE-2013-4451 | Permissions, Privileges, and Access Controls vulnerability in Gitolite gitolite commit fa06a34 through 3.5.3 might allow attackers to have unspecified impact via vectors involving world-writable permissions when creating (1) ~/.gitolite.rc, (2) ~/.gitolite, or (3) ~/repositories/gitolite-admin.git on fresh installs. | 9.8 |
| 2018-09-11 | CVE-2016-7070 | Permissions, Privileges, and Access Controls vulnerability in Redhat Ansible Tower A privilege escalation flaw was found in the Ansible Tower. | 8.0 |
| 2018-07-31 | CVE-2016-8657 | Permissions, Privileges, and Access Controls vulnerability in Redhat Jboss Enterprise Application Platform 5.0.0/6.0.0/6.4.0 It was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect permissions for /etc/sysconfig/jbossas configuration files. | 7.8 |