Vulnerabilities (CVE)

Filtered by CWE-264
Total 5244 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-1328 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2025-04-12 7.2 HIGH 7.8 HIGH
The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace.
CVE-2012-0032 1 Redhat 1 Jboss Operations Network 2025-04-12 3.7 LOW N/A
Red Hat JBoss Operations Network (JON) before 3.0.1 uses 0777 permissions for the root directory when installing a remote client, which allows local users to read or modify subdirectories and files within the root directory, as demonstrated by obtaining JON credentials.
CVE-2013-1841 1 Seamons 1 Net-server 2025-04-12 4.3 MEDIUM N/A
Net-Server, when the reverse-lookups option is enabled, does not check if the hostname resolves to the source IP address, which might allow remote attackers to bypass ACL restrictions via the hostname parameter.
CVE-2014-9675 6 Canonical, Debian, Fedoraproject and 3 more 11 Ubuntu Linux, Debian Linux, Fedora and 8 more 2025-04-12 5.0 MEDIUM N/A
bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.
CVE-2014-8802 1 Genetechsolutions 1 Pie Register 2025-04-12 5.0 MEDIUM N/A
The Pie Register plugin before 2.0.14 for WordPress does not properly restrict access to certain functions in pie-register.php, which allows remote attackers to (1) add a user by uploading a crafted CSV file or (2) activate a user account via a verifyit action.
CVE-2014-9891 1 Google 1 Android 2025-04-12 9.3 HIGH 7.8 HIGH
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate certain buffer addresses, which allows attackers to gain privileges via a crafted application that makes an ioctl call, aka Android internal bug 28749283 and Qualcomm internal bug CR550061.
CVE-2015-6619 1 Google 1 Android 2025-04-12 9.3 HIGH N/A
The kernel in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to gain privileges via a crafted application, aka internal bug 23520714.
CVE-2016-6276 1 Citrix 1 Linux Virtual Delivery Agent 2025-04-12 7.2 HIGH 7.8 HIGH
Citrix Linux Virtual Delivery Agent (aka VDA, formerly Linux Virtual Desktop) before 1.4.0 allows local users to gain root privileges via unspecified vectors.
CVE-2016-2450 1 Google 1 Android 2025-04-12 9.3 HIGH 7.8 HIGH
codecs/on2/enc/SoftVPXEncoder.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate OMX buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27569635.
CVE-2014-9583 2 Asus, T-mobile 4 Rt-ac66u, Rt-n66u, Wrt Firmware and 1 more 2025-04-12 10.0 HIGH N/A
common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. NOTE: this issue was incorrectly mapped to CVE-2014-10000, but that ID is invalid due to its use as an example of the 2014 CVE ID syntax change.
CVE-2014-1279 1 Apple 1 Tvos 2025-04-12 2.1 LOW N/A
Apple TV before 6.1 does not properly restrict logging, which allows local users to obtain sensitive information by reading log data.
CVE-2016-3888 1 Google 1 Android 2025-04-12 2.1 LOW 2.1 LOW
internal/telephony/SMSDispatcher.java in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism, and send premium SMS messages during the Setup Wizard provisioning stage, via unspecified vectors, aka internal bug 29420123.
CVE-2016-7271 1 Microsoft 2 Windows 10, Windows Server 2016 2025-04-12 4.6 MEDIUM 7.8 HIGH
The Secure Kernel Mode implementation in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allows local users to bypass the virtual trust level (VTL) protection mechanism via a crafted application, aka "Secure Kernel Mode Elevation of Privilege Vulnerability."
CVE-2014-4039 3 Ppc64-diag Project, Redhat, Suse 3 Ppc64-diag, Enterprise Linux Server, Linux Enterprise Server 2025-04-12 2.1 LOW N/A
ppc64-diag 2.6.1 uses 0775 permissions for /tmp/diagSEsnap and does not properly restrict permissions for /tmp/diagSEsnap/snapH.tar.gz, which allows local users to obtain sensitive information by reading files in this archive, as demonstrated by /var/log/messages and /etc/yaboot.conf.
CVE-2016-0133 1 Microsoft 6 Windows 10, Windows 7, Windows 8.1 and 3 more 2025-04-12 7.2 HIGH 6.8 MEDIUM
The USB Mass Storage Class driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows physically proximate attackers to execute arbitrary code by inserting a crafted USB device, aka "USB Mass Storage Elevation of Privilege Vulnerability."
CVE-2015-1356 1 Siemens 1 Simatic Step 7 2025-04-12 4.4 MEDIUM N/A
Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 determines a user's privileges on the basis of project-file fields that lack integrity protection, which allows remote attackers to establish arbitrary authorization data via a modified file.
CVE-2016-3249 1 Microsoft 7 Windows 10, Windows 7, Windows 8.1 and 4 more 2025-04-12 7.2 HIGH 7.3 HIGH
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3252, CVE-2016-3254, and CVE-2016-3286.
CVE-2014-2956 1 Avg 2 Safeguard, Secure Search Toolbar 2025-04-12 9.3 HIGH N/A
ScriptHelperApi in the AVG ScriptHelper ActiveX control in ScriptHelper.exe in AVG Secure Search toolbar before 18.1.7.598 and AVG Safeguard before 18.1.7.644 does not implement domain-based access control for method calls, which allows remote attackers to trigger the downloading and execution of arbitrary programs via a crafted web site.
CVE-2014-5356 2 Canonical, Openstack 2 Ubuntu Linux, Image Registry And Delivery Service \(glance\) 2025-04-12 4.0 MEDIUM N/A
OpenStack Image Registry and Delivery Service (Glance) before 2013.2.4, 2014.x before 2014.1.3, and Juno before Juno-3, when using the V2 API, does not properly enforce the image_size_cap configuration option, which allows remote authenticated users to cause a denial of service (disk consumption) by uploading a large image.
CVE-2014-3684 1 Adaptivecomputing 1 Torque Resource Manager 2025-04-12 6.8 MEDIUM N/A
The tm_adopt function in lib/Libifl/tm.c in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 5.0.x, 4.5.x, 4.2.x, and earlier does not validate that the owner of the process also owns the adopted session id, which allows remote authenticated users to kill arbitrary processes via a crafted executable.