Search Results (9602 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-7955 1 Alienvault 2 Ossim, Unified Security Management 2025-04-20 N/A
The logcheck function in session.inc in AlienVault OSSIM before 5.3.1, when an action has been created, and USM before 5.3.1 allows remote attackers to bypass authentication and consequently obtain sensitive information, modify the application, or execute arbitrary code as root via an "AV Report Scheduler" HTTP User-Agent header.
CVE-2016-8005 1 Mcafee 1 Email Gateway 2025-04-20 N/A
File extension filtering vulnerability in Intel Security McAfee Email Gateway (MEG) before 7.6.404h1128596 allows attackers to fail to identify the file name properly via scanning an email with a forged attached filename that uses a null byte within the filename extension.
CVE-2016-3067 1 Cygwin 1 Cygwin 2025-04-20 N/A
Cygwin before 2.5.0 does not properly handle updating permissions when changing users, which allows attackers to gain privileges.
CVE-2016-8008 2 Mcafee, Microsoft 3 Security Scan Plus, Windows 10, Windows 7 2025-04-20 N/A
Privilege escalation vulnerability in Windows 7 and Windows 10 in McAfee Security Scan Plus (SSP) 3.11.376 allows attackers to load a replacement of the version.dll file via McAfee McUICnt.exe onto a Windows system.
CVE-2016-10274 1 Google 1 Android 2025-04-20 N/A
An elevation of privilege vulnerability in the MediaTek touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-30202412. References: M-ALPS02897901.
CVE-2016-8009 1 Mcafee 1 Application Control 2025-04-20 N/A
Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code execution via an unauthorized use of IOCTL call.
CVE-2016-8012 1 Mcafee 1 Data Loss Prevention Endpoint 2025-04-20 N/A
Access control vulnerability in Intel Security Data Loss Prevention Endpoint (DLPe) 9.4.200 and 9.3.600 allows authenticated users with Read-Write-Execute permissions to inject hook DLLs into other processes via pages in the target process memory get.
CVE-2016-8026 1 Mcafee 1 Security Scan Plus 2025-04-20 N/A
Arbitrary command execution vulnerability in Intel Security McAfee Security Scan Plus (SSP) 3.11.469 and earlier allows authenticated users to gain elevated privileges via unspecified vectors.
CVE-2016-8031 1 Mcafee 1 Anti-malware Scan Engine 2025-04-20 7.3 High
Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local users to bypass local security protection via a crafted input file.
CVE-2016-3051 1 Ibm 1 Security Access Manager 9.0 Firmware 2025-04-20 N/A
IBM Security Access Manager for Web 9.0.0 could allow an authenticated user to access some privileged functionality of the server. IBM X-Force ID: 114714.
CVE-2016-10280 1 Google 1 Android 2025-04-20 N/A
An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-28175767. References: M-ALPS02696445.
CVE-2016-3053 1 Ibm 1 Aix 2025-04-20 N/A
IBM AIX contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges.
CVE-2009-5147 2 Redhat, Ruby-lang 2 Rhel Software Collections, Ruby 2025-04-20 N/A
DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel 648, and 2.1 before 2.1.8 opens libraries with tainted names.
CVE-2017-9940 1 Siemens 1 Sipass Integrated 2025-04-20 N/A
A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with access to a low-privileged user account to read or write files on the file system of the SiPass integrated server over the network.
CVE-2016-8202 1 Broadcom 1 Fabric Operating System 2025-04-20 N/A
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected versions, non-root users can gain root access with a combination of shell commands and parameters.
CVE-2016-8216 1 Dell 1 Emc Data Domain Os 2025-04-20 6.7 Medium
EMC Data Domain OS (DD OS) 5.4 all versions, EMC Data Domain OS (DD OS) 5.5 family all versions prior to 5.5.5.0, EMC Data Domain OS (DD OS) 5.6 family all versions prior to 5.6.2.0, EMC Data Domain OS (DD OS) 5.7 family all versions prior to 5.7.2.10 has a command injection vulnerability that could potentially be exploited by malicious users to compromise the affected system.
CVE-2016-8219 1 Cloudfoundry 2 Capi-release, Cf-release 2025-04-20 6.5 Medium
An issue was discovered in Cloud Foundry Foundation cf-release versions prior to 250 and CAPI-release versions prior to 1.12.0. A user with the SpaceAuditor role is over-privileged with the ability to restage applications. This could cause application downtime if the restage fails.
CVE-2016-8221 1 Lenovo 1 Xclarity Administrator 2025-04-20 N/A
Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA accounts with temporary passwords that are used internally by LXCA code.
CVE-2016-8228 1 Lenovo 1 Lenovo Service Bridge 2025-04-20 N/A
In Lenovo Service Bridge before version 4, a user with local privileges on a system could execute code with administrative privileges.
CVE-2016-8235 1 Lenovo 1 Customer Care Software Development Kit 2025-04-20 N/A
Privilege escalation in Lenovo Customer Care Software Development Kit (CCSDK) versions earlier than 2.0.16.3 allows local users to execute code with elevated privileges.