File and directory permissions have been corrected to prevent unintended users from modifying or accessing resources. It would be more difficult for an authenticated attacker to now traverse through t...

Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.

Pulp does not remove permissions for named objects upon deletion, which allows authenticated users to gain the privileges of a deleted object via creating an object with the same name.

HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM user's permissions for accessing versioned objects and ACLs. In some cases, authenticated users with S3 permissions could also acc...

In Ivanti Service Desk (formerly LANDESK Management Suite) versions between 2016.3 and 2017.3, an Unrestricted Direct Object Reference leads to referencing/updating objects belonging to other users. I...

In isPreferred of HidProfile.java in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible device type confusion due to a permissions bypass. This could lead to remote code execution with no addit...