Search
Total
144 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-1510 | 6 Canonical, Debian, Mozilla and 3 more | 17 Ubuntu Linux, Debian Linux, Firefox and 14 more | 2020-08-03 | 7.5 HIGH | 9.8 CRITICAL |
| The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call. | |||||
| CVE-2020-9669 | 2 Adobe, Microsoft | 2 Creative Cloud, Windows | 2020-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a lack of exploit mitigations vulnerability. Successful exploitation could lead to privilege escalation. | |||||
| CVE-2017-18885 | 1 Mattermost | 1 Mattermost Server | 2020-06-26 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to gain privileges by accessing unintended API endpoints on a user's behalf. | |||||
| CVE-2020-13854 | 1 Pandorafms | 1 Pandora Fms | 2020-06-11 | 10.0 HIGH | 9.8 CRITICAL |
| Artica Pandora FMS 7.44 allows privilege escalation. | |||||
| CVE-2020-3243 | 1 Cisco | 2 Ucs Director, Ucs Director Express For Big Data | 2020-06-05 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2020-3250 | 1 Cisco | 2 Ucs Director, Ucs Director Express For Big Data | 2020-06-05 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2017-13707 | 1 Axcient | 1 Replibit | 2020-05-28 | 10.0 HIGH | 9.8 CRITICAL |
| Privilege escalation in Replibit Backup Manager earlier than version 2017.08.04 allows attackers to gain root privileges via sudo command execution. The vi program can be accessed through sudo, in order to navigate the filesystem and modify a critical file such as /etc/passwd. | |||||
| CVE-2017-7312 | 1 Personifycorp | 1 Personify360 | 2020-05-13 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId/275 URI, anyone can add a vendor account or read existing vendor account data (including usernames and passwords). | |||||
| CVE-2020-11799 | 1 Z-cron | 1 Z-cron | 2020-04-22 | 7.5 HIGH | 9.8 CRITICAL |
| Z-Cron 5.6 Build 04 allows an unprivileged attacker to elevate privileges by modifying a privileged user's task. This can also affect all users who are signed in on the system if a shell is placed in a location that other unprivileged users have access to. | |||||
| CVE-2020-11708 | 1 Provideserver | 1 Provide Ftp Server | 2020-04-13 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in ProVide (formerly zFTPServer) through 13.1. Privilege escalation can occur via the /ajax/SetUserInfo messages parameter because of the EXECUTE() feature, which is for executing programs when certain events are triggered. | |||||
| CVE-2020-5253 | 1 Nethack | 1 Nethack | 2020-03-20 | 7.5 HIGH | 9.8 CRITICAL |
| NetHack before version 3.6.0 allowed malicious use of escaping of characters in the configuration file (usually .nethackrc) which could be exploited. This bug is patched in NetHack 3.6.0. | |||||
| CVE-2020-8113 | 1 Gitlab | 1 Gitlab | 2020-03-18 | 7.5 HIGH | 9.8 CRITICAL |
| GitLab 10.7 and later through 12.7.2 has Incorrect Access Control. | |||||
| CVE-2013-3323 | 1 Ibm | 13 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 10 more | 2020-02-21 | 6.8 MEDIUM | 9.8 CRITICAL |
| A Privilege Escalation Vulnerability exists in IBM Maximo Asset Management 7.5, 7.1, and 6.2, when WebSeal with Basic Authentication is used, due to a failure to invalidate the authentication session, which could let a malicious user obtain unauthorized access. | |||||
| CVE-2013-6295 | 1 Prestashop | 1 Prestashop | 2020-02-21 | 7.5 HIGH | 9.8 CRITICAL |
| PrestaShop 1.5.5 vulnerable to privilege escalation via a Salesman account via upload module | |||||
| CVE-2014-4170 | 1 Freereprintables | 1 Articlefr | 2020-02-19 | 7.5 HIGH | 9.8 CRITICAL |
| A Privilege Escalation Vulnerability exists in Free Reprintables ArticleFR 11.06.2014 due to insufficient access restrictions in the data.php script, which could let a remote malicious user obtain access or modify or delete database information. | |||||
| CVE-2018-10143 | 1 Paloaltonetworks | 1 Expedition | 2020-02-17 | 10.0 HIGH | 9.8 CRITICAL |
| The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application. | |||||
| CVE-2015-2909 | 1 Netvu | 40 Ds2 \(dvtr\), Ds2 \(dvtr\) Firmware, Ds2 \(dvtu\) and 37 more | 2020-02-12 | 10.0 HIGH | 9.8 CRITICAL |
| Dedicated Micros DV-IP Express, SD Advanced, SD, EcoSense, and DS2 devices rely on a GUI warning to help ensure that the administrator configures login credentials, which makes it easier for remote attackers to obtain access by leveraging situations in which this warning was not heeded. NOTE: the vendor states "The user is presented with clear warnings on the GUI that they should set usernames and passwords." | |||||
| CVE-2015-3613 | 1 Fortinet | 1 Fortimanager | 2020-02-05 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability exists in in FortiManager 5.2.1 and earlier and 5.0.10 and earlier in the WebUI FTP backup page | |||||
| CVE-2018-16272 | 1 Samsung | 20 Galaxy Gear, Galaxy Gear Firmware, Gear 2 and 17 more | 2020-01-30 | 7.5 HIGH | 9.8 CRITICAL |
| The wpa_supplicant system service in Samsung Galaxy Gear series allows an unprivileged process to fully control the Wi-Fi interface, due to the lack of its D-Bus security policy configurations. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | |||||
| CVE-2013-5027 | 1 O-dyn | 1 Collabtive | 2019-12-30 | 7.5 HIGH | 9.8 CRITICAL |
| Collabtive 1.0 has incorrect access control | |||||
| CVE-2019-18425 | 1 Xen | 1 Xen | 2019-11-14 | 9.3 HIGH | 9.8 CRITICAL |
| An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. There is missing descriptor table limit checking in x86 PV emulation. When emulating certain PV guest operations, descriptor table accesses are performed by the emulating code. Such accesses should respect the guest specified limits, unless otherwise guaranteed to fail in such a case. Without this, emulation of 32-bit guest user mode calls through call gates would allow guest user mode to install and then use descriptors of their choice, as long as the guest kernel did not itself install an LDT. (Most OSes don't install any LDT by default). 32-bit PV guest user mode can elevate its privileges to that of the guest kernel. Xen versions from at least 3.2 onwards are affected. Only 32-bit PV guest user mode can leverage this vulnerability. HVM, PVH, as well as 64-bit PV guests cannot leverage this vulnerability. Arm systems are unaffected. | |||||
| CVE-2019-18623 | 1 Energycap | 1 Energycap | 2019-11-12 | 7.5 HIGH | 9.8 CRITICAL |
| Escalation of privileges in EnergyCAP 7 through 7.5.6 allows an attacker to access data. If an unauthenticated user clicks on a link on the public dashboard, the resource opens in EnergyCAP with access rights matching the user who created the dashboard. | |||||
| CVE-2006-4243 | 1 Linux-vserver | 1 Linux-vserver | 2019-11-06 | 10.0 HIGH | 9.8 CRITICAL |
| linux vserver 2.6 before 2.6.17 suffers from privilege escalation in remount code. | |||||
| CVE-2019-16897 | 1 K7computing | 3 K7 Antivirus Premium, K7 Total Security, K7 Ultimate Security | 2019-10-31 | 7.5 HIGH | 9.8 CRITICAL |
| In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security 16.0.xxx through 16.0.0120; and K7 Ultimate Security 16.0.xxx through 16.0.0120, the module K7TSHlpr.dll improperly validates the administrative privileges of the user, allowing arbitrary registry writes in the K7AVOptn.dll module to facilitate escalation of privileges via inter-process communication with a service process. | |||||
| CVE-2018-21025 | 1 Centreon | 1 Centreon Vm | 2019-10-11 | 10.0 HIGH | 9.8 CRITICAL |
| In Centreon VM through 19.04.3, centreon-backup.pl allows attackers to become root via a crafted script, due to incorrect rights of sourced configuration files. | |||||
| CVE-2018-19725 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-10-10 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a security bypass vulnerability. Successful exploitation could lead to privilege escalation. | |||||
| CVE-2018-0425 | 1 Cisco | 6 Rv110w Firmware, Rv110w Wireless-n Vpn Firewall, Rv130w and 3 more | 2019-10-09 | 5.0 MEDIUM | 9.8 CRITICAL |
| A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper access control to files within the web-based management interface. An attacker could exploit this vulnerability by sending malicious requests to a targeted device. A successful exploit could allow the attacker to gain access to sensitive configuration information, including user authentication credentials. | |||||
| CVE-2017-9944 | 1 Siemens | 2 7kt Pac1200 Data Manager, 7kt Pac1200 Data Manager Firmware | 2019-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability has been identified in Siemens 7KT PAC1200 data manager (7KT1260) in all versions < V2.03. The integrated web server (port 80/tcp) of the affected devices could allow an unauthenticated remote attacker to perform administrative operations over the network. | |||||
| CVE-2018-4310 | 1 Apple | 2 Iphone Os, Mac Os X | 2019-10-03 | 7.5 HIGH | 10.0 CRITICAL |
| An access issue was addressed with additional sandbox restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14. | |||||
| CVE-2017-5142 | 1 Honeywell | 1 Xl Web Ii Controller | 2019-10-03 | 6.5 MEDIUM | 9.1 CRITICAL |
| An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. A user with low privileges is able to open and change the parameters by accessing a specific URL because of Improper Privilege Management. | |||||
| CVE-2017-14349 | 1 Hp | 1 Sitescope | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| An authentication vulnerability in HPE SiteScope product versions 11.2x and 11.3x, allows read-only accounts to view all SiteScope interfaces and monitors, potentially exposing sensitive data. | |||||
| CVE-2017-5624 | 1 Oneplus | 3 Oneplus 3, Oneplus 3t, Oxygenos | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T. The attacker can persistently make the (locked) bootloader start the platform with dm-verity disabled, by issuing the 'fastboot oem disable_dm_verity' command. Having dm-verity disabled, the kernel will not verify the system partition (and any other dm-verity protected partition), which may allow for persistent code execution and privilege escalation. | |||||
| CVE-2017-12635 | 1 Apache | 1 Couchdb | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit _users documents with duplicate keys for 'roles' used for access control within the database, including the special case '_admin' role, that denotes administrative users. In combination with CVE-2017-12636 (Remote Code Execution), this can be used to give non-admin users access to arbitrary shell commands on the server as the database system user. The JSON parser differences result in behaviour that if two 'roles' keys are available in the JSON, the second one will be used for authorising the document write, but the first 'roles' key is used for subsequent authorization for the newly created user. By design, users can not assign themselves roles. The vulnerability allows non-admin users to give themselves admin privileges. | |||||
| CVE-2017-11467 | 1 Orientdb | 1 Orientdb | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| OrientDB through 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remote attackers to execute arbitrary OS commands via a crafted request. | |||||
| CVE-2017-1000003 | 1 Atutor | 1 Atutor | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the Social Application component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the Module component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to a incorrect access control check vulnerability in the Alternative Content component resulting in privilege escalation. | |||||
| CVE-2017-4982 | 1 Emc | 1 Mainframe Enablers Resourcepak Base | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| EMC Mainframe Enablers ResourcePak Base versions 7.6.0, 8.0.0, and 8.1.0 contains a fix for a privilege management vulnerability that could potentially be exploited by malicious users to compromise the affected system. | |||||
| CVE-2018-9853 | 1 Freesshd | 1 Freesshd | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| Insecure access control in freeSSHd version 1.3.1 allows attackers to obtain the privileges of the freesshd.exe process by leveraging the ability to login to an unprivileged account on the server. | |||||
| CVE-2017-6342 | 1 Dahuasecurity | 4 Camera Firmware, Dhi-hcvr7216a-s3, Nvr Firmware and 1 more | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19. When SmartPSS Software is launched, while on the login screen, the software in the background automatically logs in as admin. This allows sniffing sensitive information identified in CVE-2017-6341 without prior knowledge of the password. This is a different vulnerability than CVE-2013-6117. | |||||
| CVE-2018-1000141 | 1 I-librarian | 1 I Librarian | 2019-10-03 | 7.5 HIGH | 9.1 CRITICAL |
| I, Librarian version 4.9 and earlier contains an Incorrect Access Control vulnerability in ajaxdiscussion.php that can result in any users gaining unauthorized access (read, write and delete) to project discussions. | |||||
| CVE-2018-12596 | 1 Episerver | 1 Ektron Cms | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| Episerver Ektron CMS before 9.0 SP3 Site CU 31, 9.1 before SP3 Site CU 45, or 9.2 before SP2 Site CU 22 allows remote attackers to call aspx pages via the "activateuser.aspx" page, even if a page is located under the /WorkArea/ path, which is forbidden (normally available exclusively for local admins). | |||||
| CVE-2012-5376 | 1 Google | 1 Chrome | 2019-09-27 | 9.3 HIGH | 9.6 CRITICAL |
| The Inter-process Communication (IPC) implementation in Google Chrome before 22.0.1229.94 allows remote attackers to bypass intended sandbox restrictions and write to arbitrary files by leveraging access to a renderer process, a different vulnerability than CVE-2012-5112. | |||||
| CVE-2016-10971 | 1 Membersonic | 1 Membersonic | 2019-09-18 | 7.5 HIGH | 9.8 CRITICAL |
| The MemberSonic Lite plugin before 1.302 for WordPress has incorrect login access control because only knowlewdge of an e-mail address is required. | |||||
| CVE-2016-10972 | 1 Tagdiv | 1 Newspaper | 2019-09-16 | 7.5 HIGH | 9.8 CRITICAL |
| The newspaper theme before 6.7.2 for WordPress has a lack of options access control via td_ajax_update_panel. | |||||
| CVE-2018-21013 | 1 Upperthemes | 1 Swape | 2019-09-09 | 7.5 HIGH | 9.8 CRITICAL |
| The Swape theme before 1.2.1 for WordPress has incorrect access control, as demonstrated by allowing new administrator accounts via vectors involving xmlPath to wp-admin/admin-ajax.php. | |||||