Export limit exceeded: 339825 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (4678 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-4383 | 1 Hp | 1 Helion Openstack Glance | 2025-04-20 | N/A |
| The glance-manage db in all versions of HPE Helion Openstack Glance allows deleted image ids to be reassigned, which allows remote authenticated users to cause other users to boot into a modified image without notification of the change. | ||||
| CVE-2016-10193 | 1 Espeak-ruby Project | 1 Espeak-ruby | 2025-04-20 | N/A |
| The espeak-ruby gem before 1.0.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the speak, save, bytes or bytes_wav method in lib/espeak/speech.rb. | ||||
| CVE-2016-1220 | 1 Cybozu | 1 Garoon | 2025-04-20 | N/A |
| Cybozu Garoon before 4.2.2 does not properly restrict access. | ||||
| CVE-2016-4307 | 1 Kaspersky | 1 Internet Security | 2025-04-20 | N/A |
| A denial of service vulnerability exists in the IOCTL handling functionality of Kaspersky Internet Security KL1 driver. A specially crafted IOCTL signal can cause an access violation in KL1 kernel driver resulting in local system denial of service. An attacker can run a program from user-mode to trigger this vulnerability. | ||||
| CVE-2016-4305 | 1 Kaspersky | 1 Internet Security | 2025-04-20 | N/A |
| A denial of service vulnerability exists in the syscall filtering functionality of Kaspersky Internet Security KLIF driver. A specially crafted native api call can cause a access violation in KLIF kernel driver resulting in local denial of service. An attacker can run program from user-mode to trigger this vulnerability. | ||||
| CVE-2016-4304 | 1 Kaspersky | 1 Internet Security | 2025-04-20 | N/A |
| A denial of service vulnerability exists in the syscall filtering functionality of the Kaspersky Internet Security KLIF driver. A specially crafted native api call request can cause a access violation exception in KLIF kernel driver resulting in local denial of service. An attacker can run program from user-mode to trigger this vulnerability. | ||||
| CVE-2016-3733 | 1 Moodle | 1 Moodle | 2025-04-20 | N/A |
| The "restore teacher" feature in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to overwrite the course idnumber. | ||||
| CVE-2016-3729 | 1 Moodle | 1 Moodle | 2025-04-20 | N/A |
| The user editing form in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to edit profile fields locked by the administrator. | ||||
| CVE-2016-0768 | 1 Postgresql | 1 Postgresql | 2025-04-20 | N/A |
| PostgreSQL PL/Java after 9.0 does not honor access controls on large objects. | ||||
| CVE-2016-7793 | 1 Sociomantic | 1 Git-hub | 2025-04-20 | N/A |
| sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to execute arbitrary code via a crafted repository URL. | ||||
| CVE-2016-7792 | 1 Ubiquiti Networks | 2 Unifi Ap Ac Lite, Unifi Ap Ac Lite Firmware | 2025-04-20 | N/A |
| Ubiquiti Networks UniFi 5.2.7 does not restrict access to the database, which allows remote attackers to modify the database by directly connecting to it. | ||||
| CVE-2016-7565 | 1 Exponentcms | 1 Exponent Cms | 2025-04-20 | N/A |
| install/index.php in Exponent CMS 2.3.9 allows remote attackers to execute arbitrary commands via shell metacharacters in the sc array parameter. | ||||
| CVE-2016-7545 | 3 Fedoraproject, Redhat, Selinux Project | 9 Fedora, Enterprise Linux, Enterprise Linux Desktop and 6 more | 2025-04-20 | N/A |
| SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call. | ||||
| CVE-2015-8140 | 1 Ntp | 1 Ntp | 2025-04-20 | N/A |
| The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to conduct replay attacks by sniffing the network. | ||||
| CVE-2015-8139 | 1 Ntp | 1 Ntp | 2025-04-20 | N/A |
| ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin timestamps and then impersonate peers via unspecified vectors. | ||||
| CVE-2016-6807 | 1 Apache | 1 Ambari | 2025-04-20 | N/A |
| Custom commands may be executed on Ambari Agent (2.4.x, before 2.4.2) hosts without authorization, leading to unauthorized access to operations that may affect the underlying system. Such operations are invoked by the Ambari Agent process on Ambari Agent hosts, as the user executing the Ambari Agent process. | ||||
| CVE-2016-3112 | 2 Pulpproject, Redhat | 3 Pulp, Satellite, Satellite Capsule | 2025-04-20 | N/A |
| client/consumer/cli.py in Pulp before 2.8.3 writes consumer private keys to etc/pki/pulp/consumer/consumer-cert.pem as world-readable, which allows remote authenticated users to obtain the consumer private keys and escalate privileges by reading /etc/pki/pulp/consumer/consumer-cert, and authenticating as a consumer user. | ||||
| CVE-2016-6791 | 1 Linux | 1 Linux Kernel | 2025-04-20 | N/A |
| An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31252384. References: QC-CR#1071809. | ||||
| CVE-2016-6790 | 1 Linux | 1 Linux Kernel | 2025-04-20 | N/A |
| An elevation of privilege vulnerability in the NVIDIA libomx library (libnvomx) could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.18. Android ID: A-31251628. References: N-CVE-2016-6790. | ||||
| CVE-2016-6789 | 1 Linux | 1 Linux Kernel | 2025-04-20 | N/A |
| An elevation of privilege vulnerability in the NVIDIA libomx library (libnvomx) could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.18. Android ID: A-31251973. References: N-CVE-2016-6789. | ||||