Total
5457 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-8009 | 1 Mcafee | 1 Application Control | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code execution via an unauthorized use of IOCTL call. | |||||
| CVE-2016-8433 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-31750190. References: MT-ALPS02974192. | |||||
| CVE-2016-9403 | 1 Mybb | 2 Merge System, Mybb | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| newreply.php in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to have unspecified impact by leveraging a missing permission check. | |||||
| CVE-2016-5857 | 1 Google | 1 Android | 2025-04-20 | 6.9 MEDIUM | 7.8 HIGH |
| The Qualcomm SPCom driver in Android before 7.0 allows local users to execute arbitrary code within the context of the kernel via a crafted application, aka Android internal bug 34386529 and Qualcomm internal bug CR#1094140. | |||||
| CVE-2016-8960 | 1 Ibm | 1 Cognos Business Intelligence | 2025-04-20 | 6.5 MEDIUM | 8.8 HIGH |
| IBM Cognos Business Intelligence 10.2 could allow a user with lower privilege Capabilities to adopt the Capabilities of a higher-privilege user by intercepting the higher-privilege user's cookie value from its HTTP request and then reusing it in subsequent requests. IBM Reference #: 1993718. | |||||
| CVE-2016-9196 | 1 Cisco | 7 Aironet 1800, Aironet 2800e, Aironet 2800i and 4 more | 2025-04-20 | 7.2 HIGH | 6.7 MEDIUM |
| A vulnerability in login authentication management in Cisco Aironet 1800, 2800, and 3800 Series Access Point platforms could allow an authenticated, local attacker to gain unrestricted root access to the underlying Linux operating system. The root Linux shell is provided for advanced troubleshooting and should not be available to individual users, even those with root privileges. The attacker must have the root password to exploit this vulnerability. More Information: CSCvb13893. Known Affected Releases: 8.2(121.0) 8.3(102.0). Known Fixed Releases: 8.4(1.53) 8.4(1.52) 8.3(111.0) 8.3(104.23) 8.2(130.0) 8.2(124.1). | |||||
| CVE-2016-8446 | 1 Google | 1 Android | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31747749. References: MT-ALPS02968909. | |||||
| CVE-2015-3222 | 1 Ossec | 1 Ossec | 2025-04-20 | 6.9 MEDIUM | 7.0 HIGH |
| syscheck/seechanges.c in OSSEC 2.7 through 2.8.1 on NIX systems allows local users to execute arbitrary code as root. | |||||
| CVE-2016-10285 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33752702. References: QC-CR#1104899. | |||||
| CVE-2016-4617 | 1 Apple | 1 Mac Os X | 2025-04-20 | 4.6 MEDIUM | 8.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.12 is affected. The issue involves a sandbox escape related to launchctl process spawning in the "libxpc" component. | |||||
| CVE-2014-3222 | 1 Huawei | 1 Espace Meeting | 2025-04-20 | 6.6 MEDIUM | 7.0 HIGH |
| In Huawei eSpace Meeting with software V100R001C03SPC201 and the earlier versions, attackers that obtain the permissions assigned to common users can elevate privileges to access and set specific key resources. | |||||
| CVE-2015-7274 | 1 Dell | 2 Integrated Remote Access Controller 6, Integrated Remote Access Controller Firmware | 2025-04-20 | 6.5 MEDIUM | 8.8 HIGH |
| Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 allows remote attackers to execute arbitrary administrative HTTP commands. | |||||
| CVE-2014-9922 | 2 Google, Linux | 2 Android, Linux Kernel | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c. | |||||
| CVE-2015-7875 | 1 Chaos Tool Suite Project | 1 Ctools | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| ctools 6.x-1.x before 6.x-1.14 and 7.x-1.x before 7.x-1.8 in Drupal does not verify the "edit" permission for the "content type" plugins that are used on Panels and similar systems to place content and functionality on a page. | |||||
| CVE-2015-0296 | 2 Fedoraproject, Tug | 2 Fedora, Texlive | 2025-04-20 | 1.2 LOW | 4.7 MEDIUM |
| The pre-install script in texlive 3.1.20140525_r34255.fc21 as packaged in Fedora 21 and rpm, and texlive 6.20131226_r32488.fc20 and rpm allows local users to delete arbitrary files via a crafted file in the user's home directory. | |||||
| CVE-2015-4596 | 1 Lenovo | 1 Mouse Suite | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| Lenovo Mouse Suite before 6.73 allows local users to run arbitrary code with administrator privileges. | |||||
| CVE-2016-8417 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32342399. References: QC-CR#1088824. | |||||
| CVE-2016-8235 | 1 Lenovo | 1 Customer Care Software Development Kit | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
| Privilege escalation in Lenovo Customer Care Software Development Kit (CCSDK) versions earlier than 2.0.16.3 allows local users to execute code with elevated privileges. | |||||
| CVE-2016-8455 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 9.3 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-32219121. References: B-RB#106311. | |||||
| CVE-2015-1591 | 1 Kamailio | 1 Kamailio | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| The kamailio build in kamailio before 4.2.0-2 process allows local users to gain privileges. | |||||