Total
5244 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10700 | 1 Cacti | 1 Cacti | 2025-04-20 | 6.5 MEDIUM | 8.8 HIGH |
| auth_login.php in Cacti before 1.0.0 allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database, because the guest user is not considered. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-2313. | |||||
| CVE-2015-3321 | 1 Lenovo | 1 Fingerprint Manager | 2025-04-20 | 7.2 HIGH | 6.7 MEDIUM |
| Services and files in Lenovo Fingerprint Manager before 8.01.42 have incorrect ACLs, which allows local users to invalidate local checks and gain privileges via standard filesystem operations. | |||||
| CVE-2016-10013 | 1 Xen | 1 Xen | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation. | |||||
| CVE-2015-1795 | 1 Redhat | 2 Enterprise Linux, Gluster Storage | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
| Red Hat Gluster Storage RPM Package 3.2 allows local users to gain privileges and execute arbitrary code as root. | |||||
| CVE-2016-10323 | 1 Synology | 1 Photo Station | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
| Synology Photo Station before 6.3-2958 allows local users to gain privileges by leveraging setuid execution of a "synophoto_dsm_user --copy-no-ea" command. | |||||
| CVE-2013-7432 | 1 Mapsplugin | 1 Googlemaps | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to bypass an intended protection mechanism. | |||||
| CVE-2016-6788 | 1 Google | 1 Android | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the MediaTek I2C driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31224428. References: MT-ALPS02943467. | |||||
| CVE-2016-10123 | 1 Firejail Project | 1 Firejail | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
| Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges. | |||||
| CVE-2016-8031 | 1 Mcafee | 1 Anti-malware Scan Engine | 2025-04-20 | 4.4 MEDIUM | 7.3 HIGH |
| Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local users to bypass local security protection via a crafted input file. | |||||
| CVE-2013-6446 | 1 Cloudera | 1 Cdh | 2025-04-20 | 3.5 LOW | 3.1 LOW |
| The JobHistory Server in Cloudera CDH 4.x before 4.6.0 and 5.x before 5.0.0 Beta 2, when using MRv2/YARN with HTTP authentication, allows remote authenticated users to obtain sensitive job information by leveraging failure to enforce job ACLs. | |||||
| CVE-2015-0162 | 1 Ibm | 1 Security Siteprotector System | 2025-04-20 | 6.9 MEDIUM | 7.0 HIGH |
| IBM Security SiteProtector System 3.0, 3.1, and 3.1.1 allows local users to gain privileges. | |||||
| CVE-2016-10282 | 1 Google | 1 Android | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-33939045. References: M-ALPS03149189. | |||||
| CVE-2010-5327 | 1 Liferay | 1 Liferay Portal | 2025-04-20 | 6.5 MEDIUM | 8.8 HIGH |
| Liferay Portal through 6.2.10 allows remote authenticated users to execute arbitrary shell commands via a crafted Velocity template. | |||||
| CVE-2016-9871 | 1 Emc | 1 Isilon Onefs | 2025-04-20 | 9.0 HIGH | 7.2 HIGH |
| EMC Isilon OneFS 7.2.1.0 - 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system. | |||||
| CVE-2016-10290 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm shared memory driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33898330. References: QC-CR#1109782. | |||||
| CVE-2016-8446 | 1 Google | 1 Android | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31747749. References: MT-ALPS02968909. | |||||
| CVE-2015-3229 | 1 Fedoraproject | 2 Atomic, Spin-kickstarts | 2025-04-20 | 4.3 MEDIUM | 5.9 MEDIUM |
| fedora-cloud-atomic.ks in spin-kickstarts allows remote attackers to conduct man-in-the-middle attacks by leveraging use of HTTP to download Fedora Atomic updates. | |||||
| CVE-2015-3617 | 1 Fortinet | 1 Fortimanager Firmware | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| Fortinet FortiManager 5.0 before 5.0.11 and 5.2 before 5.2.2 allow local users to gain privileges via crafted CLI commands. | |||||
| CVE-2016-10398 | 1 Google | 1 Android | 2025-04-20 | 7.2 HIGH | 6.2 MEDIUM |
| Android 6.0 has an authentication bypass for attackers with root and physical access. Cryptographic authentication tokens (AuthTokens) used by the Trusted Execution Environment (TEE) are protected by a weak challenge. This allows adversaries to replay previously captured responses and use the TEE without authenticating. All apps using authentication-gated cryptography are vulnerable to this attack, which was confirmed on the LG Nexus 5X. | |||||
| CVE-2016-10286 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-35400904. References: QC-CR#1090237. | |||||