Vulnerabilities (CVE)

Filtered by CWE-264
Total 5268 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3
CVE-2016-10225 | 1 Allwinner | 4 A83t, H3, H8 and 1 more | 2026-06-17 | 7.2 HIGH | 7.8 HIGH
The sunxi-debug driver in Allwinner 3.4 legacy kernel for H3, A83T and H8 devices allows local users to gain root privileges by sending "rootmydevice" to /proc/sunxi_debug/sunxi_debug.
CVE-2016-10200 | 2 Google, Linux | 2 Android, Linux Kernel | 2026-06-17 | 6.9 MEDIUM | 7.0 HIGH
Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c.
CVE-2016-10187 | 1 Calibre-ebook | 1 Calibre | 2026-06-17 | 4.3 MEDIUM | 5.5 MEDIUM
The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript.
CVE-2016-10156 | 1 Systemd Project | 1 Systemd | 2026-06-17 | 7.2 HIGH | 7.8 HIGH
A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local attackers to escalate their privileges to root. This is fixed in v229.
CVE-2016-10152 | 1 Hesiod Project | 1 Hesiod | 2026-06-17 | 10.0 HIGH | 9.8 CRITICAL
The read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls back to the ".athena.mit.edu" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache.
CVE-2016-10151 | 1 Hesiod Project | 1 Hesiod | 2026-06-17 | 6.9 MEDIUM | 7.0 HIGH
The hesiod_init function in lib/hesiod.c in Hesiod 3.2.1 compares EUID with UID to determine whether to use configurations from environment variables, which allows local users to gain privileges via the (1) HESIOD_CONFIG or (2) HES_DOMAIN environment variable and leveraging certain SUID/SGUID binary.
CVE-2016-10150 | 1 Linux | 1 Linux Kernel | 2026-06-17 | 10.0 HIGH | 9.8 CRITICAL
Use-after-free vulnerability in the kvm_ioctl_create_device function in virt/kvm/kvm_main.c in the Linux kernel before 4.8.13 allows host OS users to cause a denial of service (host OS crash) or possibly gain privileges via crafted ioctl calls on the /dev/kvm device.
CVE-2016-10126 | 1 Splunk | 1 Splunk | 2026-06-17 | 10.0 HIGH | 9.8 CRITICAL
Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before 6.0.13, 6.1.x before 6.1.12, 6.2.x before 6.2.12, 6.3.x before 6.3.8, and 6.4.x before 6.4.4 allows remote attackers to conduct HTTP request injection attacks and obtain sensitive REST API authentication-token information via unspecified vectors, aka SPL-128840.
CVE-2016-10123 | 1 Firejail Project | 1 Firejail | 2026-06-17 | 7.2 HIGH | 7.8 HIGH
Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges.
CVE-2016-10122 | 1 Firejail Project | 1 Firejail | 2026-06-17 | 7.2 HIGH | 7.8 HIGH
Firejail does not properly clean environment variables, which allows local users to gain privileges.
CVE-2016-10121 | 1 Firejail Project | 1 Firejail | 2026-06-17 | 7.2 HIGH | 7.8 HIGH
Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges.
CVE-2016-10120 | 1 Firejail Project | 1 Firejail | 2026-06-17 | 7.2 HIGH | 7.8 HIGH
Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3) /var/tmp, or (4) /var/lock, which allows local users to gain privileges.
CVE-2016-10119 | 1 Firejail Project | 1 Firejail | 2026-06-17 | 7.2 HIGH | 7.8 HIGH
Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.
CVE-2016-10118 | 1 Firejail Project | 1 Firejail | 2026-06-17 | 2.1 LOW | 3.3 LOW
Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /.
CVE-2016-10117 | 1 Firejail Project | 1 Firejail | 2026-06-17 | 7.2 HIGH | 7.8 HIGH
Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc.
CVE-2016-10116 | 1 Netgear | 8 Arlo Base Station Firmware, Arlo Q Camera Firmware, Arlo Q Plus Camera Firmware and 5 more | 2026-06-17 | 9.3 HIGH | 8.1 HIGH
NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier use a pattern of adjective, noun, and three-digit number for the customized password, which makes it easier for remote attackers to obtain access via a dictionary attack.
CVE-2016-10089 | 1 Nagios | 1 Nagios | 2026-06-17 | 7.2 HIGH | 7.8 HIGH
Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.
CVE-2016-10086 | 5 Ca, Ibm, Linux and 2 more | 6 Service Desk Management, Service Desk Manager, Aix and 3 more | 2026-06-17 | 5.5 MEDIUM | 8.1 HIGH
RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions applied to a RESTful request.
CVE-2016-10072 | 1 Wampserver | 1 Wampserver | 2026-06-17 | 6.9 MEDIUM | 5.3 MEDIUM
WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit this vulnerability, the local attacker must insert an executable file called wampmanager.exe or unins000.exe and replace the original files. The next time one of these programs is launched by a more privileged user, malicious code chosen by the local attacker will run. NOTE: the vendor disputes the relevance of this report, taking the position that a configuration in which "'someone' (an attacker) is able to replace files on a PC" is not "the fault of WampServer."
CVE-2016-10044 | 2 Google, Linux | 2 Android, Linux Kernel | 2026-06-17 | 7.2 HIGH | 7.8 HIGH
The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call.