Vulnerabilities > Permissions, Privileges, and Access Controls
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-24 | CVE-2013-3024 | Permissions, Privileges, and Access Controls vulnerability in IBM Websphere Application Server 8.5.0.0/8.5.0.1/8.5.0.2 IBM WebSphere Application Server (WAS) 8.5 through 8.5.0.2 on UNIX allows local users to gain privileges by leveraging improper process initialization. | 7.8 |
| 2018-05-22 | CVE-2016-8656 | Permissions, Privileges, and Access Controls vulnerability in Redhat Jboss Enterprise Application Platform Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to an unsafe file handling in the jboss init script which could result in local privilege escalation. | 7.8 |
| 2018-04-27 | CVE-2014-2552 | Permissions, Privileges, and Access Controls vulnerability in Brookinsconsulting Collected Information Export 1.1.0 Brookins Consulting (BC) Collected Information Export extension for eZ Publish 1.1.0 does not properly restrict access, which allows remote attackers to gain access to sensitive data. | 9.8 |
| 2018-04-27 | CVE-2014-1846 | Permissions, Privileges, and Access Controls vulnerability in Enlightenment Enlightenment before 0.17.6 might allow local users to gain privileges via vectors involving the gdb method. | 7.8 |
| 2018-04-27 | CVE-2014-1845 | Permissions, Privileges, and Access Controls vulnerability in Enlightenment An unspecified setuid root helper in Enlightenment before 0.17.6 allows local users to gain privileges by leveraging failure to properly sanitize the environment. | 7.8 |
| 2018-04-27 | CVE-2013-7202 | Permissions, Privileges, and Access Controls vulnerability in Paypal The WebHybridClient class in PayPal 5.3 and earlier for Android allows remote attackers to execute arbitrary JavaScript on the system. | 8.1 |
| 2018-04-18 | CVE-2016-10457 | Permissions, Privileges, and Access Controls vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, app is requesting more permissions than required. | 9.8 |
| 2018-04-18 | CVE-2016-10451 | Permissions, Privileges, and Access Controls vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, privilege escalation may occur due to inherently insecure treatment of local files. | 7.8 |
| 2018-04-18 | CVE-2014-10058 | Permissions, Privileges, and Access Controls vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 845, and Snapdragon_High_Med_2016, unauthorized users can potentially modify system time. | 7.5 |
| 2018-04-18 | CVE-2014-10057 | Permissions, Privileges, and Access Controls vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 435, SD 617, SD 625, and Snapdragon_High_Med_2016, binary Calibration files under data/misc/audio have 777 permissions. | 9.8 |