Vulnerabilities > Permissions, Privileges, and Access Controls
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-06-13 | CVE-2016-2493 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Broadcom Wi-Fi driver in Android before 2016-06-01 on Nexus 5, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus Player, and Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 26571522. | 7.8 |
| 2016-06-13 | CVE-2016-2492 | Permissions, Privileges, and Access Controls vulnerability in Google Android 6.0/6.0.1 The MediaTek power-management driver in Android before 2016-06-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 28085410. | 7.8 |
| 2016-06-13 | CVE-2016-2491 | Permissions, Privileges, and Access Controls vulnerability in Google Android The NVIDIA camera driver in Android before 2016-06-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27556408. | 7.8 |
| 2016-06-13 | CVE-2016-2490 | Permissions, Privileges, and Access Controls vulnerability in Google Android The NVIDIA camera driver in Android before 2016-06-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27533373. | 7.8 |
| 2016-06-13 | CVE-2016-2489 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27407629. | 7.8 |
| 2016-06-13 | CVE-2016-2488 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Qualcomm camera driver in Android before 2016-06-01 on Nexus 5, 5X, 6, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27600832. | 7.8 |
| 2016-06-10 | CVE-2016-0910 | Permissions, Privileges, and Access Controls vulnerability in EMC Data Domain OS 5.5.3.3/5.6.1.0/5.7.1.0 EMC Data Domain OS 5.5 before 5.5.4.0, 5.6 before 5.6.1.004, and 5.7 before 5.7.2.0 stores session identifiers of GUI users in a world-readable file, which allows local users to hijack arbitrary accounts via unspecified vectors. | 8.8 |
| 2016-06-08 | CVE-2016-3738 | Permissions, Privileges, and Access Controls vulnerability in Redhat Openshift 3.2 Red Hat OpenShift Enterprise 3.2 does not properly restrict access to STI builds, which allows remote authenticated users to access the Docker socket and gain privileges via vectors related to build-pod. | 8.8 |
| 2016-06-08 | CVE-2016-2160 | Permissions, Privileges, and Access Controls vulnerability in Redhat Openshift and Openshift Origin Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allow remote authenticated users to execute commands with root privileges by changing the root password in an sti builder image. | 8.8 |
| 2016-06-07 | CVE-2016-4962 | Permissions, Privileges, and Access Controls vulnerability in multiple products The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore. | 6.7 |