Смотрите также связанные темы 10.10.2018 CVE-2015-4929 IBM License Metric Tool 9 before 9.2.1.0 and Endpoint Manager for Software Use Analysis 9 before 9.2.1.0 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information via a REST API request.
21.11.2018 CVE-2015-5787 The kernel in Apple iOS before 8.4.1 does not properly restrict debugging features, which allows attackers to bypass background-execution limitations via a crafted app.
03.01.2018 CVE-2015-4946 Rational LifeCycle Project Administration in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x ...
22.02.2018 Acecard Trojan: Android Users of Over 30 Banking and Payment Apps at Risk Kaspersky Lab’s Anti-malware Research Team has detected one of the most dangerous Android banking Trojans ever seen. The Acecard malware is capable of attacking users of nearly 50 different online financial applications and services and is able to bypass the Google Play store’s security measures
15.08.2018 SYM08-015: Veritas Storage Foundation for Windows Volume Manager Scheduler Service for Windows Security Update Circumvention It is possible to circumvent the security patch that resolved a previously identified authentication bypass, remote code execution vulnerability in the Veritas Storage Foundation for Windows v5.0 Volume Manager Scheduler Service.
02.09.2018 CVE-2008-3876 Apple iPhone 2.0.2, in some configurations, allows physically proximate attackers to bypass intended access restrictions, and obtain sensitive information or make arbitrary use of the device, via an Emergency Call tap and a Home double-tap, followed by a tap of any contact's blue arrow.
08.10.2018 Cisco Security Advisory: Authentication Bypass in Cisco Unity A vulnerability exists in Cisco Unity that could allow an unauthenticated user to view or modify some of the configuration parameters of the Cisco Unity server.
23.01.2018 CVE-2015-6317 Cisco Identity Services Engine (ISE) before 2.0 allows remote authenticated users to bypass intended web-resource access restrictions via a direct request, aka Bug ID CSCuu45926.
13.02.2018 CVE-2016-1622 The Extensions subsystem in Google Chrome before 48.0.2564.109 does not prevent use of the Object.defineProperty method to override intended extension behavior, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.
19.10.2018 [ MDVSA-2008:208-1 ] pam_mount pam_mount 0.10 through 0.45, when luserconf is enabled, does not verify
mountpoint and source ownership before mounting a user-defined volume,
which allows local users to bypass intended access restrictions via
a local mount.
|