Vulnerabilities > Permissions, Privileges, and Access Controls
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-11-08 | CVE-2016-7383 | Permissions, Privileges, and Access Controls vulnerability in Nvidia GPU Driver For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in a memory mapping API in the kernel mode layer (nvlddmkm.sys) handler, leading to denial of service or potential escalation of privileges. | 7.8 |
| 2016-11-08 | CVE-2016-7381 | Permissions, Privileges, and Access Controls vulnerability in Nvidia GPU Driver For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a user input to index an array is not bounds checked, leading to denial of service or potential escalation of privileges. | 7.8 |
| 2016-11-03 | CVE-2016-6430 | Permissions, Privileges, and Access Controls vulnerability in Cisco IP Interoperability and Collaboration System A vulnerability in the command-line interface of the Cisco IP Interoperability and Collaboration System (IPICS) could allow an authenticated, local attacker to elevate the privilege level associated with their session. | 7.8 |
| 2016-11-03 | CVE-2016-7402 | Permissions, Privileges, and Access Controls vulnerability in Sybase Adaptive Server Enterprise SAP ASE 16.0 SP02 PL03 and prior versions allow attackers who own SourceDB and TargetDB databases to elevate privileges to sa (system administrator) via dbcc import_sproc SQL injection. | 9.8 |
| 2016-10-28 | CVE-2016-8867 | Permissions, Privileges, and Access Controls vulnerability in Docker 1.12.2 Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. | 7.5 |
| 2016-10-27 | CVE-2016-6438 | Permissions, Privileges, and Access Controls vulnerability in Cisco IOS XE A vulnerability in Cisco IOS XE Software running on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause a configuration integrity change to the vty line configuration on an affected device. | 5.9 |
| 2016-10-26 | CVE-2016-8501 | Permissions, Privileges, and Access Controls vulnerability in Yandex Browser 15.10.2454.3845/15.12.0.6151/15.12.1.6475 Security WiFi bypass in Yandex Browser from version 15.10 to 15.12 allows remote attacker to sniff traffic in open or WEP-protected wi-fi networks despite of special security mechanism is enabled. | 5.3 |
| 2016-10-25 | CVE-2016-8289 | Permissions, Privileges, and Access Controls vulnerability in Oracle Mysql Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows local users to affect integrity and availability via vectors related to Server: InnoDB. | 4.7 |
| 2016-10-25 | CVE-2016-5573 | Permissions, Privileges, and Access Controls vulnerability in Oracle JDK and JRE Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5582. | 8.3 |
| 2016-10-25 | CVE-2016-5572 | Permissions, Privileges, and Access Controls vulnerability in Oracle Database 12.1.0.2 Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | 6.4 |