Vulnerabilities > Permissions, Privileges, and Access Controls

DATE	CVE	VULNERABILITY TITLE	RISK
2016-09-11	CVE-2016-3865	Permissions, Privileges, and Access Controls vulnerability in Google Android The Synaptics touchscreen driver in Android before 2016-09-05 on Nexus 5X and 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28799389. local low complexity google CWE-264	7.8
2016-09-11	CVE-2016-3864	Permissions, Privileges, and Access Controls vulnerability in Google Android The Qualcomm radio interface layer in Android before 2016-09-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28823714 and Qualcomm internal bug CR913117. local low complexity google CWE-264	7.8
2016-09-11	CVE-2016-3859	Permissions, Privileges, and Access Controls vulnerability in Google Android The Qualcomm camera driver in Android before 2016-09-05 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28815326 and Qualcomm internal bug CR1034641. local low complexity google CWE-264	7.8
2016-09-09	CVE-2016-6211	Permissions, Privileges, and Access Controls vulnerability in multiple products The User module in Drupal 7.x before 7.44 allows remote authenticated users to gain privileges via vectors involving contributed or custom code that triggers a rebuild of the user profile form. network low complexity drupal debian CWE-264	8.8
2016-09-09	CVE-2016-4573	Permissions, Privileges, and Access Controls vulnerability in Fortinet Fortiswitch 3.4.1 Fortinet FortiSwitch FSW-108D-POE, FSW-124D, FSW-124D-POE, FSW-224D-POE, FSW-224D-FPOE, FSW-248D-POE, FSW-248D-FPOE, FSW-424D, FSW-424D-POE, FSW-424D-FPOE, FSW-448D, FSW-448D-POE, FSW-448D-FPOE, FSW-524D, FSW-524D-FPOE, FSW-548D, FSW-548D-FPOE, FSW-1024D, FSW-1048D, FSW-3032D, and FSW-R-112D-POE models, when in FortiLink managed mode and upgraded to 3.4.1, might allow remote attackers to bypass authentication and gain administrative access via an empty password for the rest_admin account. network low complexity fortinet CWE-264 critical	9.8
2016-09-08	CVE-2016-4381	Permissions, Privileges, and Access Controls vulnerability in HP XP7 Command View 8.4.0/8.4.1 HPE XP7 Command View Advanced Edition (CVAE) Suite 6.x through 8.x before 8.4.1-02, when Replication Manager (RepMgr) and Device Manager (DevMgr) are enabled, allows local users to bypass intended access restrictions via unspecified vectors. local high complexity hp CWE-264	4.5
2016-09-07	CVE-2016-5422	Permissions, Privileges, and Access Controls vulnerability in Redhat Jboss Operations Network The web console in Red Hat JBoss Operations Network (JON) before 3.3.7 does not properly authorize requests to add users with the super user role, which allows remote authenticated users to gain admin privileges via a crafted POST request. network low complexity redhat CWE-264	8.8
2016-08-25	CVE-2016-6369	Permissions, Privileges, and Access Controls vulnerability in Cisco Anyconnect Secure Mobility Client Cisco AnyConnect Secure Mobility Client before 4.2.05015 and 4.3.x before 4.3.02039 mishandles pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCuz92464. local low complexity cisco CWE-264	7.8
2016-08-24	CVE-2016-7089	Permissions, Privileges, and Access Controls vulnerability in Watchguard Rapidstream WatchGuard RapidStream appliances allow local users to gain privileges and execute arbitrary commands via a crafted ifconfig command, aka ESCALATEPLOWMAN. local low complexity watchguard CWE-264	7.8
2016-08-22	CVE-2016-6362	Permissions, Privileges, and Access Controls vulnerability in Cisco Aironet Access Point Software Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.110.0, 8.2.12x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow local users to gain privileges via crafted CLI parameters, aka Bug ID CSCuz24725. local low complexity cisco CWE-264	7.8