Vulnerabilities > Permissions, Privileges, and Access Controls

DATE CVE VULNERABILITY TITLE RISK
2019-03-09 CVE-2019-9637 Permissions, Privileges, and Access Controls vulnerability in multiple products
An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3.
network
low complexity
php debian canonical opensuse netapp CWE-264
7.5
2019-03-08 CVE-2019-3779 Permissions, Privileges, and Access Controls vulnerability in Cloudfoundry Container Runtime
Cloud Foundry Container Runtime, versions prior to 0.29.0, deploys Kubernetes clusters utilize the same CA (Certificate Authority) to sign and trust certs for ETCD as used by the Kubernetes API.
network
low complexity
cloudfoundry CWE-264
8.8
2019-02-07 CVE-2019-1660 Permissions, Privileges, and Access Controls vulnerability in Cisco Telepresence Management Suite
A vulnerability in the Simple Object Access Protocol (SOAP) of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device.
network
low complexity
cisco CWE-264
5.3
2018-10-30 CVE-2015-7266 Permissions, Privileges, and Access Controls vulnerability in IAB Open Real-Time Bidding 2.3
The Interactive Advertising Bureau (IAB) OpenRTB 2.3 protocol implementation might allow remote attackers to conceal the status of ad transactions and potentially compromise bid integrity by leveraging failure to limit the time between bid responses and impression notifications, aka the Amnesia Bug.
network
low complexity
iab CWE-264
7.5
2018-10-24 CVE-2016-10730 Permissions, Privileges, and Access Controls vulnerability in multiple products
An issue was discovered in Amanda 3.3.1.
local
low complexity
zmanda redhat CWE-264
7.8
2018-09-21 CVE-2013-4451 Permissions, Privileges, and Access Controls vulnerability in Gitolite
gitolite commit fa06a34 through 3.5.3 might allow attackers to have unspecified impact via vectors involving world-writable permissions when creating (1) ~/.gitolite.rc, (2) ~/.gitolite, or (3) ~/repositories/gitolite-admin.git on fresh installs.
network
low complexity
gitolite CWE-264
critical
9.8
2018-09-11 CVE-2016-7070 Permissions, Privileges, and Access Controls vulnerability in Redhat Ansible Tower
A privilege escalation flaw was found in the Ansible Tower.
low complexity
redhat CWE-264
8.0
2018-07-31 CVE-2016-8657 Permissions, Privileges, and Access Controls vulnerability in Redhat Jboss Enterprise Application Platform 5.0.0/6.0.0/6.4.0
It was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect permissions for /etc/sysconfig/jbossas configuration files.
local
low complexity
redhat CWE-264
7.8
2018-07-16 CVE-2014-2079 Permissions, Privileges, and Access Controls vulnerability in multiple products
X File Explorer (aka xfe) might allow local users to bypass intended access restrictions and gain access to arbitrary files by leveraging failure to use directory masks when creating files on Samba and NFS shares.
local
low complexity
x-file-explorer-project debian CWE-264
5.5
2018-07-13 CVE-2016-9489 Permissions, Privileges, and Access Controls vulnerability in Zohocorp Manageengine Applications Manager 12.0/13.0
In ManageEngine Applications Manager 12 and 13 before build 13200, an authenticated user is able to alter all of their own properties, including own group, i.e.
network
low complexity
zohocorp CWE-264
8.8