Export limit exceeded: 365419 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (5697 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-7824 1 Buffalotech 2 Wnc01wh, Wnc01wh Firmware 2025-04-20 N/A
Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors.
CVE-2016-7833 1 Cybozu 1 Dezie 2025-04-20 N/A
Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors.
CVE-2016-6785 1 Linux 1 Linux Kernel 2025-04-20 N/A
An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31748056. References: MT-ALPS02961400.
CVE-2016-8584 1 Trendmicro 1 Threat Discovery Appliance 2025-04-20 N/A
Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier uses predictable session values, which allows remote attackers to bypass authentication by guessing the value.
CVE-2016-8587 1 Trendmicro 1 Threat Discovery Appliance 2025-04-20 N/A
dlp_policy_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via an archive file containing a symlink to /eng_ptn_stores/prod/sensorSDK/data/ or /eng_ptn_stores/prod/sensorSDK/backup_pol/.
CVE-2015-2692 1 Adblock 1 Adblock 2025-04-20 N/A
AdBlock before 2.21 allows remote attackers to block arbitrary resources on arbitrary websites and to disable arbitrary blocking filters.
CVE-2016-8588 1 Trendmicro 1 Threat Discovery Appliance 2025-04-20 N/A
The hotfix_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via shell metacharacters in the file name of an uploaded file.
CVE-2016-8606 2 Fedoraproject, Gnu 2 Fedora, Guile 2025-04-20 N/A
The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via an HTTP inter-protocol attack.
CVE-2015-2687 1 Openstack 1 Compute 2025-04-20 N/A
OpenStack Compute (nova) Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for.
CVE-2016-6784 1 Google 1 Android 2025-04-20 N/A
An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31350755. References: MT-ALPS02961424.
CVE-2016-8642 1 Moodle 1 Moodle 2025-04-20 N/A
In Moodle 2.x and 3.x, the question engine allows access to files that should not be available.
CVE-2015-1976 1 Ibm 2 Security Directory Server, Tivoli Directory Server 2025-04-20 N/A
IBM Security Directory Server could allow an authenticated user to execute commands into the web administration tool that would cause the tool to crash.
CVE-2014-9828 1 Imagemagick 1 Imagemagick 2025-04-20 8.8 High
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file.
CVE-2016-8643 1 Moodle 1 Moodle 2025-04-20 N/A
In Moodle 2.x and 3.x, non-admin site managers may accidentally edit admins via web services.
CVE-2016-6783 1 Google 1 Android 2025-04-20 N/A
An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31350044. References: MT-ALPS02943437.
CVE-2014-9827 1 Imagemagick 1 Imagemagick 2025-04-20 8.8 High
coders/xpm.c in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.
CVE-2014-9830 1 Imagemagick 1 Imagemagick 2025-04-20 8.8 High
coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun file.
CVE-2014-9831 1 Imagemagick 1 Imagemagick 2025-04-20 8.8 High
coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file.
CVE-2016-9356 1 Moxa 1 Dacenter 2025-04-20 N/A
An issue was discovered in Moxa DACenter Versions 1.4 and older. The application may suffer from an unquoted search path issue.
CVE-2016-9368 1 Eaton 1 Xcomfort Ethernet Communication Interface 2025-04-20 N/A
An issue was discovered in Eaton xComfort Ethernet Communication Interface (ECI) Versions 1.07 and prior. By accessing a specific uniform resource locator (URL) on the webserver, a malicious user may be able to access files without authenticating.