Vulnerabilities > Permissions, Privileges, and Access Controls
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-16 | CVE-2014-2079 | Permissions, Privileges, and Access Controls vulnerability in multiple products X File Explorer (aka xfe) might allow local users to bypass intended access restrictions and gain access to arbitrary files by leveraging failure to use directory masks when creating files on Samba and NFS shares. | 5.5 |
| 2018-07-13 | CVE-2016-9489 | Permissions, Privileges, and Access Controls vulnerability in Zohocorp Manageengine Applications Manager 12.0/13.0 In ManageEngine Applications Manager 12 and 13 before build 13200, an authenticated user is able to alter all of their own properties, including own group, i.e. | 8.8 |
| 2018-07-13 | CVE-2016-9486 | Permissions, Privileges, and Access Controls vulnerability in Forescout Secureconnector On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. | 7.8 |
| 2018-07-13 | CVE-2016-9485 | Permissions, Privileges, and Access Controls vulnerability in Forescout Secureconnector On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. | 7.8 |
| 2018-07-13 | CVE-2016-6564 | Permissions, Privileges, and Access Controls vulnerability in multiple products Android devices with code from Ragentek contain a privileged binary that performs over-the-air (OTA) update checks. | 8.1 |
| 2018-06-11 | CVE-2016-9075 | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox An issue where WebExtensions can use the mozAddonManager API to elevate privilege due to privileged pages being allowed in the permissions list. | 9.8 |
| 2018-06-11 | CVE-2016-9073 | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox WebExtensions can bypass security checks to load privileged URLs and potentially escape the WebExtension sandbox. | 7.5 |
| 2018-06-11 | CVE-2016-9070 | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox A maliciously crafted page loaded to the sidebar through a bookmark can reference a privileged chrome window and engage in limited JavaScript operations violating cross-origin protections. | 8.0 |
| 2018-06-11 | CVE-2016-5295 | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox This vulnerability allows an attacker to use the Mozilla Maintenance Service to escalate privilege by having the Maintenance Service invoke the Mozilla Updater to run malicious local files. | 7.8 |
| 2018-06-08 | CVE-2011-3172 | Permissions, Privileges, and Access Controls vulnerability in Suse Linux Enterprise Server A vulnerability in pam_modules of SUSE Linux Enterprise allows attackers to log into accounts that should have been disabled. | 9.8 |