Vulnerabilities > Permissions, Privileges, and Access Controls

DATE CVE VULNERABILITY TITLE RISK
2018-04-10 CVE-2014-1946 Permissions, Privileges, and Access Controls vulnerability in Opendocman
OpenDocMan 1.2.7 and earlier does not properly validate allowed actions, which allows remote authenticated users to bypass an intended access restrictions and assign administrative privileges to themselves via a crafted request to signup.php.
network
low complexity
opendocman CWE-264
8.8
8.8
2018-04-10 CVE-2014-1889 Permissions, Privileges, and Access Controls vulnerability in Buddypress
The Group creation process in the Buddypress plugin before 1.9.2 for WordPress allows remote authenticated users to gain control of arbitrary groups by leveraging a missing permissions check.
network
low complexity
buddypress CWE-264
6.5
6.5
2018-04-06 CVE-2014-1226 Permissions, Privileges, and Access Controls vulnerability in S3Dvt Project S3Dvt 0.2.2
The pipe_init_terminal function in main.c in s3dvt allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier.
local
low complexity
s3dvt-project CWE-264
7.8
7.8
2018-04-06 CVE-2013-6876 Permissions, Privileges, and Access Controls vulnerability in S3Dvt Project S3Dvt 0.2.2
The (1) pty_init_terminal and (2) pipe_init_terminal functions in main.c in s3dvt 0.2.2 and earlier allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier.
local
low complexity
s3dvt-project CWE-264
7.8
7.8
2018-04-05 CVE-2016-8482 Permissions, Privileges, and Access Controls vulnerability in Google Android
An elevation of privilege vulnerability in the NVIDIA GPU driver.
local
low complexity
google CWE-264
7.8
7.8
2018-04-04 CVE-2016-8488 Permissions, Privileges, and Access Controls vulnerability in Google Android
An elevation of privilege vulnerability in Qualcomm closed source components.
network
low complexity
google CWE-264
critical
 9.8
9.8
2018-04-04 CVE-2016-8487 Permissions, Privileges, and Access Controls vulnerability in Google Android
An elevation of privilege vulnerability in Qualcomm closed source components.
network
low complexity
google CWE-264
critical
 9.8
9.8
2018-04-04 CVE-2016-8484 Permissions, Privileges, and Access Controls vulnerability in Google Android
An elevation of privilege vulnerability in Qualcomm closed source components.
network
low complexity
google CWE-264
critical
 9.8
9.8
2018-04-04 CVE-2016-10299 Permissions, Privileges, and Access Controls vulnerability in Google Android
An elevation of privilege vulnerability in Qualcomm closed source components.
network
low complexity
google CWE-264
critical
 9.8
9.8
2018-04-04 CVE-2016-10298 Permissions, Privileges, and Access Controls vulnerability in Google Android
An elevation of privilege vulnerability in Qualcomm closed source components.
network
low complexity
google CWE-264
critical
 9.8
9.8