Search Results (5495 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-5244 1 Mod Nss Project 1 Mod Nss 2025-04-20 N/A
The NSSCipherSuite option with ciphersuites enabled in mod_nss before 1.0.12 allows remote attackers to bypass application restrictions.
CVE-2015-8089 1 Huawei 6 P7-l00, P7-l00 Firmware, P7-l05 and 3 more 2025-04-20 N/A
The GPU driver in Huawei P7 phones with software P7-L00 before P7-L00C17B851, P7-L05 before P7-L05C00B851, and P7-L09 before P7-L09C92B851 allows local users to read or write to arbitrary kernel memory locations and consequently cause a denial of service (system crash) or gain privileges via a crafted application.
CVE-2015-8110 1 Lenovo 1 Lenovo System Update 2025-04-20 N/A
Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0019 allows local users to gain privileges by navigating to (1) "Click here to learn more" or (2) "View privacy policy" within the Tvsukernel.exe GUI application in the context of a temporary administrator account, aka a "local privilege escalation vulnerability."
CVE-2015-8621 1 Tcoffee 1 T-coffee 2025-04-20 N/A
t-coffee before 11.00.8cbe486-2 allows local users to write to ~/.t_coffee globally.
CVE-2015-8671 1 Huawei 1 Logcenter 2025-04-20 N/A
Huawei LogCenter V100R001C10 could allow an authenticated attacker to tamper with requests using a tool and submit a request to the server for privilege escalation, affecting some system functions.
CVE-2016-10013 1 Xen 1 Xen 2025-04-20 N/A
Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation.
CVE-2016-10044 2 Google, Linux 2 Android, Linux Kernel 2025-04-20 7.8 High
The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call.
CVE-2016-10117 1 Firejail Project 1 Firejail 2025-04-20 N/A
Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc.
CVE-2016-10086 5 Ca, Ibm, Linux and 2 more 6 Service Desk Management, Service Desk Manager, Aix and 3 more 2025-04-20 N/A
RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions applied to a RESTful request.
CVE-2016-10089 1 Nagios 1 Nagios 2025-04-20 N/A
Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.
CVE-2016-10118 1 Firejail Project 1 Firejail 2025-04-20 N/A
Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /.
CVE-2016-10119 1 Firejail Project 1 Firejail 2025-04-20 N/A
Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.
CVE-2016-10120 1 Firejail Project 1 Firejail 2025-04-20 N/A
Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3) /var/tmp, or (4) /var/lock, which allows local users to gain privileges.
CVE-2016-10121 1 Firejail Project 1 Firejail 2025-04-20 N/A
Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges.
CVE-2016-10122 1 Firejail Project 1 Firejail 2025-04-20 N/A
Firejail does not properly clean environment variables, which allows local users to gain privileges.
CVE-2016-10123 1 Firejail Project 1 Firejail 2025-04-20 N/A
Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges.
CVE-2016-10126 1 Splunk 1 Splunk 2025-04-20 N/A
Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before 6.0.13, 6.1.x before 6.1.12, 6.2.x before 6.2.12, 6.3.x before 6.3.8, and 6.4.x before 6.4.4 allows remote attackers to conduct HTTP request injection attacks and obtain sensitive REST API authentication-token information via unspecified vectors, aka SPL-128840.
CVE-2016-10150 1 Linux 1 Linux Kernel 2025-04-20 9.8 Critical
Use-after-free vulnerability in the kvm_ioctl_create_device function in virt/kvm/kvm_main.c in the Linux kernel before 4.8.13 allows host OS users to cause a denial of service (host OS crash) or possibly gain privileges via crafted ioctl calls on the /dev/kvm device.
CVE-2016-10151 1 Hesiod Project 1 Hesiod 2025-04-20 N/A
The hesiod_init function in lib/hesiod.c in Hesiod 3.2.1 compares EUID with UID to determine whether to use configurations from environment variables, which allows local users to gain privileges via the (1) HESIOD_CONFIG or (2) HES_DOMAIN environment variable and leveraging certain SUID/SGUID binary.
CVE-2016-10152 1 Hesiod Project 1 Hesiod 2025-04-20 N/A
The read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls back to the ".athena.mit.edu" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache.