Vulnerabilities (CVE)

Filtered by CWE-264
Total 5268 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-10041 1 Sprecher-automation 1 Sprecon-e Service Program 2026-06-17 4.6 MEDIUM 7.5 HIGH
An issue was discovered in Sprecher Automation SPRECON-E Service Program before 3.43 SP0. Under certain preconditions, it is possible to execute telegram simulation as a non-admin user. As prerequisites, a user must have created an online-connection, validly authenticated and authorized as administrator, and executed telegram simulation. After that, the online-connection must have been closed. Incorrect caching of client data then may lead to privilege escalation, where a subsequently acting non-admin user is permitted to do telegram simulation. In order to exploit this vulnerability, a potential attacker would need to have both a valid engineering-account in the SPRECON RBAC system as well as access to a service/maintenance computer with SPRECON-E Service Program running. Additionally, a valid admin-user must have closed the service connection beforehand without closing the program, having executed telegram simulation; the attacker then has access to the running software instance. Hence, there is no risk from external attackers.
CVE-2016-10031 1 Wampserver 1 Wampserver 2026-06-17 6.9 MEDIUM 7.5 HIGH
WampServer 3.0.6 installs two services called 'wampapache' and 'wampmysqld' with weak file permissions, running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit this vulnerability, the local attacker must insert an executable file called mysqld.exe or httpd.exe and replace the original files. The next time the service starts, the malicious file will get executed as SYSTEM. NOTE: the vendor disputes the relevance of this report, taking the position that a configuration in which "'someone' (an attacker) is able to replace files on a PC" is not "the fault of WampServer.
CVE-2016-10013 1 Xen 1 Xen 2026-06-17 4.6 MEDIUM 7.8 HIGH
Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation.
CVE-2016-10010 1 Openbsd 1 Openssh 2026-06-17 6.9 MEDIUM 7.0 HIGH
sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.
CVE-2016-0943 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2026-06-17 6.8 MEDIUM 8.8 HIGH
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X mishandle the Global object, which allows attackers to bypass JavaScript API execution restrictions via unspecified vectors.
CVE-2016-0921 1 Emc 1 Avamar Server 2026-06-17 6.9 MEDIUM 6.5 MEDIUM
Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 use weak permissions for unspecified directories, which allows local users to obtain root access by replacing a script with a Trojan horse program.
CVE-2016-0917 1 Emc 13 Vnx1 Oe Firmware, Vnx2 Oe Firmware, Vnx5200 and 10 more 2026-06-17 7.5 HIGH 9.8 CRITICAL
The SMB service in EMC VNXe (VNXe3200 Operating Environment prior to 3.1.5.8711957 and VNXe3100/3150/3300 Operating Environment prior to 2.4.4.22638), VNX1 File OE before 7.1.80.3, VNX2 File OE before 8.1.9.155, and Celerra (all supported versions) does not prevent duplicate NTLM challenge-response nonces, which makes it easier for remote attackers to execute arbitrary code, or read or write to files, via a series of authentication requests, a related issue to CVE-2010-0231.
CVE-2016-0915 1 Emc 1 Authentication Manager Prime 2026-06-17 5.5 MEDIUM 8.1 HIGH
The Self-Service Portal in EMC RSA Authentication Manager (AM) Prime Self-Service 3.0 and 3.1 before 3.1 1915.42871 allows remote authenticated users to cause a denial of service (PIN change for an arbitrary user) via a modified token serial number within a PIN change request, related to a "direct object reference vulnerability."
CVE-2016-0912 1 Dell 1 Emc Data Domain Os 2026-06-17 9.0 HIGH 9.8 CRITICAL
EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 allows remote authenticated users to bypass intended password-change restrictions by leveraging access to (1) a different account with the same role as a target account or (2) an account's session at an unattended workstation.
CVE-2016-0911 1 Dell 1 Emc Data Domain Os 2026-06-17 7.2 HIGH 8.2 HIGH
EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 has a default no_root_squash option for NFS exports, which makes it easier for remote attackers to obtain filesystem access by leveraging client root privileges.
CVE-2016-0910 1 Emc 1 Data Domain Os 2026-06-17 4.3 MEDIUM 8.8 HIGH
EMC Data Domain OS 5.5 before 5.5.4.0, 5.6 before 5.6.1.004, and 5.7 before 5.7.2.0 stores session identifiers of GUI users in a world-readable file, which allows local users to hijack arbitrary accounts via unspecified vectors.
CVE-2016-0908 1 Emc 1 Isilon Onefs 2026-06-17 6.8 MEDIUM 6.7 MEDIUM
EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 allows local users to obtain root shell access by leveraging administrative privileges.
CVE-2016-0905 1 Emc 1 Avamar Server 2026-06-17 7.2 HIGH 6.7 MEDIUM
Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 allow local users to obtain root privileges by leveraging admin access and entering a sudo command.
CVE-2016-0852 1 Advantech 1 Webaccess 2026-06-17 5.0 MEDIUM 7.5 HIGH
Advantech WebAccess before 8.1 allows remote attackers to bypass an intended administrative requirement and obtain file or folder access via unspecified vectors.
CVE-2016-0850 1 Google 1 Android 2026-06-17 5.8 MEDIUM 8.8 HIGH
The PORCHE_PAIRING_CONFLICT feature in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows remote attackers to bypass intended pairing restrictions via a crafted device, aka internal bug 26551752.
CVE-2016-0847 1 Google 1 Android 2026-06-17 7.2 HIGH 8.4 HIGH
The Telecom Component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to spoof the originating telephone number of a call via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26864502.
CVE-2016-0846 1 Google 1 Android 2026-06-17 7.2 HIGH 8.4 HIGH
libs/binder/IMemory.cpp in the IMemory Native Interface in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not properly consider the heap size, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26877992.
CVE-2016-0844 1 Google 1 Android 2026-06-17 7.2 HIGH 8.4 HIGH
The Qualcomm RF driver in Android 6.x before 2016-04-01 does not properly restrict access to socket ioctl calls, which allows attackers to gain privileges via a crafted application, aka internal bug 26324307.
CVE-2016-0843 1 Google 1 Android 2026-06-17 7.2 HIGH 8.4 HIGH
The Qualcomm ARM processor performance-event manager in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application, aka internal bug 25801197.
CVE-2016-0832 1 Google 1 Android 2026-06-17 6.6 MEDIUM 6.1 MEDIUM
Setup Wizard in Android 5.1.x before LMY49H and 6.x before 2016-03-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 25955042.