Search
Total
152 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-0763 | 3 Apache, Canonical, Debian | 3 Tomcat, Ubuntu Linux, Debian Linux | 2023-12-08 | 6.5 MEDIUM | 6.3 MEDIUM |
| The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M3 does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized, which allows remote authenticated users to bypass intended SecurityManager restrictions and read or write to arbitrary application data, or cause a denial of service (application disruption), via a web application that sets a crafted global context. | |||||
| CVE-2015-6423 | 1 Cisco | 1 Adaptive Security Appliance Software | 2023-08-11 | 3.5 LOW | 4.3 MEDIUM |
| The DCERPC Inspection implementation in Cisco Adaptive Security Appliance (ASA) Software 9.4.1 through 9.5.1 allows remote authenticated users to bypass an intended DCERPC-only ACL by sending arbitrary network traffic, aka Bug ID CSCuu67782. | |||||
| CVE-2022-29444 | 1 Cloudways | 1 Breeze | 2022-05-09 | 3.5 LOW | 5.4 MEDIUM |
| Plugin Settings Change leading to Cross-Site Scripting (XSS) vulnerability in Cloudways Breeze plugin <= 2.0.2 on WordPress allows users with a subscriber or higher user role to execute any of the wp_ajax_* actions in the class Breeze_Configuration which includes the ability to change any of the plugin's settings including CDN setting which could be further used for XSS attack. | |||||
| CVE-2016-8769 | 1 Huawei | 1 Utps Firmware | 2021-08-27 | 7.2 HIGH | 6.7 MEDIUM |
| Huawei UTPS earlier than UTPS-V200R003B015D16SPC00C983 has an unquoted service path vulnerability which can lead to the truncation of UTPS service query paths. An attacker may put an executable file in the search path of the affected service and obtain elevated privileges after the executable file is executed. | |||||
| CVE-2014-4919 | 1 Oxid-esales | 1 Eshop | 2021-01-19 | 5.8 MEDIUM | 5.4 MEDIUM |
| OXID eShop Professional Edition before 4.7.13 and 4.8.x before 4.8.7, Enterprise Edition before 5.0.13 and 5.1.x before 5.1.7, and Community Edition before 4.7.13 and 4.8.x before 4.8.7 allow remote attackers to assign users to arbitrary dynamical user groups. | |||||
| CVE-2016-0230 | 1 Ibm | 1 Hardware Management Console | 2020-12-09 | 7.2 HIGH | 6.8 MEDIUM |
| IBM Power Hardware Management Console (HMC) 7.3 through 7.3.0 SP7, 7.9 through 7.9.0 SP3, 8.1 through 8.1.0 SP3, 8.2 through 8.2.0 SP2, 8.3 through 8.3.0 SP2, 8.4 through 8.4.0 SP1, and 8.5.0 allows physically proximate attackers to obtain root access via unspecified vectors. | |||||
| CVE-2016-0724 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2020-12-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| The (1) core_enrol_get_course_enrolment_methods and (2) enrol_self_get_instance_info web services in Moodle through 2.6.11, 2.7.x before 2.7.12, 2.8.x before 2.8.10, 2.9.x before 2.9.4, and 3.0.x before 3.0.2 do not consider the moodle/course:viewhiddencourses capability, which allows remote authenticated users to obtain sensitive information via a web-service request. | |||||
| CVE-2015-5264 | 1 Moodle | 1 Moodle | 2020-12-01 | 5.5 MEDIUM | 5.4 MEDIUM |
| The lesson module in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to bypass intended access restrictions and enter additional answer attempts by leveraging the student role. | |||||
| CVE-2015-5340 | 1 Moodle | 1 Moodle | 2020-12-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not consider the moodle/badges:viewbadges capability, which allows remote authenticated users to obtain sensitive badge information via a request involving (1) badges/overview.php or (2) badges/view.php. | |||||
| CVE-2015-5265 | 1 Moodle | 1 Moodle | 2020-12-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| The wiki component in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 does not consider the mod/wiki:managefiles capability before authorizing file management, which allows remote authenticated users to delete arbitrary files by using a manage-files button in a text editor. | |||||
| CVE-2015-5342 | 1 Moodle | 1 Moodle | 2020-12-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| The choice module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allows remote authenticated users to bypass intended access restrictions by visiting a URL to add or delete responses in the closed state. | |||||
| CVE-2015-5268 | 1 Moodle | 1 Moodle | 2020-12-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| The rating component in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 mishandles group-based authorization checks, which allows remote authenticated users to obtain sensitive information by reading a rating value. | |||||
| CVE-2015-5339 | 1 Moodle | 1 Moodle | 2020-12-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| The core_enrol_get_enrolled_users web service in enrol/externallib.php in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not properly implement group-based access restrictions, which allows remote authenticated users to obtain sensitive course-participant information via a web-service request. | |||||
| CVE-2015-5341 | 1 Moodle | 1 Moodle | 2020-12-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| mod_scorm in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 mishandles availability dates, which allows remote authenticated users to bypass intended access restrictions and read SCORM contents via unspecified vectors. | |||||
| CVE-2016-2190 | 1 Moodle | 1 Moodle | 2020-12-01 | 5.0 MEDIUM | 5.3 MEDIUM |
| Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not properly restrict links, which allows remote attackers to obtain sensitive URL information by reading a Referer log. | |||||
| CVE-2015-5272 | 1 Moodle | 1 Moodle | 2020-12-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| The Forum module in Moodle 2.7.x before 2.7.10 allows remote authenticated users to post to arbitrary groups by leveraging the teacher role, as demonstrated by a post directed to "all participants." | |||||
| CVE-2016-2155 | 1 Moodle | 1 Moodle | 2020-12-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| The grade-reporting feature in Singleview (aka Single View) in Moodle 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not consider the moodle/grade:manage capability, which allows remote authenticated users to modify "Exclude grade" settings by leveraging the Non-Editing Instructor role. | |||||
| CVE-2015-5266 | 1 Moodle | 1 Moodle | 2020-12-01 | 4.9 MEDIUM | 6.8 MEDIUM |
| The enrol_meta_sync function in enrol/meta/locallib.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to obtain manager privileges in opportunistic circumstances by leveraging incorrect role processing during a long-running sync script. | |||||
| CVE-2016-8644 | 1 Moodle | 1 Moodle | 2020-12-01 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Moodle 2.x and 3.x, the capability to view course notes is checked in the wrong context. | |||||
| CVE-2015-3273 | 1 Moodle | 1 Moodle | 2020-12-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| mod/forum/post.php in Moodle 2.9.x before 2.9.1 does not consider the mod/forum:canposttomygroups capability before authorizing "Post a copy to all groups" actions, which allows remote authenticated users to bypass intended access restrictions by leveraging per-group authorization. | |||||
| CVE-2016-3051 | 1 Ibm | 1 Security Access Manager 9.0 Firmware | 2020-10-27 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Security Access Manager for Web 9.0.0 could allow an authenticated user to access some privileged functionality of the server. IBM X-Force ID: 114714. | |||||
| CVE-2016-7142 | 2 Debian, Inspircd | 2 Debian Linux, Inspircd | 2020-09-14 | 4.3 MEDIUM | 5.9 MEDIUM |
| The m_sasl module in InspIRCd before 2.0.23, when used with a service that supports SASL_EXTERNAL authentication, allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted SASL message. | |||||
| CVE-2016-10364 | 1 Elastic | 1 Kibana | 2020-08-14 | 4.0 MEDIUM | 6.5 MEDIUM |
| With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were not properly authenticating requests to advanced settings and the short URL service, any authenticated user could make requests to those services regardless of their own permissions. | |||||
| CVE-2016-8216 | 1 Dell | 1 Emc Data Domain Os | 2020-01-23 | 7.2 HIGH | 6.7 MEDIUM |
| EMC Data Domain OS (DD OS) 5.4 all versions, EMC Data Domain OS (DD OS) 5.5 family all versions prior to 5.5.5.0, EMC Data Domain OS (DD OS) 5.6 family all versions prior to 5.6.2.0, EMC Data Domain OS (DD OS) 5.7 family all versions prior to 5.7.2.10 has a command injection vulnerability that could potentially be exploited by malicious users to compromise the affected system. | |||||
| CVE-2019-1660 | 1 Cisco | 1 Telepresence Management Suite | 2019-10-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability in the Simple Object Access Protocol (SOAP) of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. The vulnerability is due to a lack of proper access and authentication controls on the affected TMS software. An attacker could exploit this vulnerability by gaining access to internal, trusted networks to send crafted SOAP calls to the affected device. If successful, an exploit could allow the attacker to access system management tools. Under normal circumstances, this access should be prohibited. | |||||
| CVE-2016-8629 | 1 Redhat | 3 Enterprise Linux Server, Keycloak, Single Sign On | 2019-10-09 | 5.5 MEDIUM | 6.5 MEDIUM |
| Red Hat Keycloak before version 2.4.0 did not correctly check permissions when handling service account user deletion requests sent to the rest server. An attacker with service account authentication could use this flaw to bypass normal permissions and delete users in a separate realm. | |||||
| CVE-2016-2121 | 1 Redhat | 1 Openstack | 2019-10-09 | 2.1 LOW | 5.5 MEDIUM |
| A permissions flaw was found in redis, which sets weak permissions on certain files and directories that could potentially contain sensitive information. A local, unprivileged user could possibly use this flaw to access unauthorized system information. | |||||
| CVE-2014-2019 | 1 Apple | 1 Iphone Os | 2019-09-27 | 4.9 MEDIUM | 4.6 MEDIUM |
| The iCloud subsystem in Apple iOS before 7.1 allows physically proximate attackers to bypass an intended password requirement, and turn off the Find My iPhone service or complete a Delete Account action and then associate this service with a different Apple ID account, by entering an arbitrary iCloud Account Password value and a blank iCloud Account Description value. | |||||
| CVE-2016-10929 | 1 Advanced Ajax Page Loader Project | 1 Advanced Ajax Page Loader | 2019-08-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| The advanced-ajax-page-loader plugin before 2.7.7 for WordPress has no protection against the reading of uploaded files when not logged in. | |||||
| CVE-2017-18450 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 4.4 MEDIUM | 4.5 MEDIUM |
| cPanel before 64.0.21 allows certain file-chmod operations via /scripts/convert_roundcube_mysql2sqlite (SEC-255). | |||||
| CVE-2017-18451 | 1 Cpanel | 1 Cpanel | 2019-08-06 | 5.0 MEDIUM | 5.3 MEDIUM |
| cPanel before 64.0.21 allows attackers to read a user's crontab file during a short time interval upon a cPAddon upgrade (SEC-257). | |||||
| CVE-2018-10239 | 1 Infoblox | 1 Nios | 2019-06-20 | 7.2 HIGH | 6.7 MEDIUM |
| A privilege escalation vulnerability in the "support access" feature on Infoblox NIOS 6.8 through 8.4.1 could allow a locally authenticated administrator to temporarily gain additional privileges on an affected device and perform actions within the super user scope. The vulnerability is due to a weakness in the "support access" password generation algorithm. A locally authenticated administrative user may be able to exploit this vulnerability if the "support access" feature is enabled, they know the support access code for the current session, and they know the algorithm to generate the support access password from the support access code. "Support access" is disabled by default. When enabled, the access will be automatically disabled (and support access code will expire) after the 24 hours. | |||||
| CVE-2016-3302 | 1 Microsoft | 4 Windows 10, Windows 8.1, Windows Rt 8.1 and 1 more | 2019-05-16 | 6.2 MEDIUM | 6.3 MEDIUM |
| Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607, when the lock screen is enabled, do not properly restrict the loading of web content, which allows physically proximate attackers to execute arbitrary code via a (1) crafted Wi-Fi access point or (2) crafted mobile-broadband device, aka "Windows Lock Screen Elevation of Privilege Vulnerability." | |||||
| CVE-2019-0796 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2019-05-08 | 2.1 LOW | 5.5 MEDIUM |
| An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0805, CVE-2019-0836, CVE-2019-0841. | |||||
| CVE-2014-1889 | 1 Buddypress | 1 Buddypress | 2019-04-26 | 4.0 MEDIUM | 6.5 MEDIUM |
| The Group creation process in the Buddypress plugin before 1.9.2 for WordPress allows remote authenticated users to gain control of arbitrary groups by leveraging a missing permissions check. | |||||
| CVE-2015-0861 | 2 Debian, Tryton | 2 Debian Linux, Trytond | 2019-02-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| model/modelstorage.py in trytond 3.2.x before 3.2.10, 3.4.x before 3.4.8, 3.6.x before 3.6.5, and 3.8.x before 3.8.1 allows remote authenticated users to bypass intended access restrictions and write to arbitrary fields via a sequence of records. | |||||
| CVE-2016-9345 | 1 Emerson | 1 Deltav | 2018-11-01 | 4.9 MEDIUM | 6.8 MEDIUM |
| An issue was discovered in Emerson DeltaV Easy Security Management DeltaV V12.3, DeltaV V12.3.1, and DeltaV V13.3. Critical vulnerabilities may allow a local attacker to elevate privileges within the DeltaV control system. | |||||
| CVE-2016-1625 | 3 Debian, Google, Opensuse | 3 Debian Linux, Chrome, Opensuse | 2018-10-30 | 4.3 MEDIUM | 4.3 MEDIUM |
| The Chrome Instant feature in Google Chrome before 48.0.2564.109 does not ensure that a New Tab Page (NTP) navigation target is on the most-visited or suggestions list, which allows remote attackers to bypass intended restrictions via unspecified vectors, related to instant_service.cc and search_tab_helper.cc. | |||||
| CVE-2016-4036 | 1 Opensuse | 2 Leap, Opensuse | 2018-10-30 | 2.1 LOW | 5.5 MEDIUM |
| The quagga package before 0.99.23-2.6.1 in openSUSE and SUSE Linux Enterprise Server 11 SP 1 uses weak permissions for /etc/quagga, which allows local users to obtain sensitive information by reading files in the directory. | |||||
| CVE-2016-7216 | 1 Microsoft | 3 Windows 7, Windows Server 2008, Windows Vista | 2018-10-12 | 2.1 LOW | 5.5 MEDIUM |
| The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandles permissions, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Elevation of Privilege Vulnerability." | |||||
| CVE-2016-3258 | 1 Microsoft | 4 Windows 10, Windows 8.1, Windows Rt 8.1 and 1 more | 2018-10-12 | 1.2 LOW | 4.7 MEDIUM |
| Race condition in the kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Low Integrity protection mechanism and write to files by leveraging unspecified object-manager features, aka "Windows File System Security Feature Bypass." | |||||
| CVE-2016-3372 | 1 Microsoft | 2 Windows Server 2008, Windows Vista | 2018-10-12 | 3.6 LOW | 6.6 MEDIUM |
| The kernel API in Microsoft Windows Vista SP2 and Windows Server 2008 SP2 does not properly enforce permissions, which allows local users to spoof processes, spoof inter-process communication, or cause a denial of service via a crafted application, aka "Windows Kernel Elevation of Privilege Vulnerability." | |||||
| CVE-2016-3388 | 1 Microsoft | 2 Edge, Internet Explorer | 2018-10-12 | 2.6 LOW | 5.3 MEDIUM |
| Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3387. | |||||
| CVE-2016-3373 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2018-10-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 does not properly implement registry access control, which allows local users to obtain sensitive account information via a crafted application, aka "Windows Kernel Elevation of Privilege Vulnerability." | |||||
| CVE-2016-0133 | 1 Microsoft | 6 Windows 10, Windows 7, Windows 8.1 and 3 more | 2018-10-12 | 7.2 HIGH | 6.8 MEDIUM |
| The USB Mass Storage Class driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows physically proximate attackers to execute arbitrary code by inserting a crafted USB device, aka "USB Mass Storage Elevation of Privilege Vulnerability." | |||||
| CVE-2016-5847 | 1 Sap | 1 Sapcar Archive Tool | 2018-10-09 | 4.4 MEDIUM | 5.8 MEDIUM |
| SAP SAPCAR allows local users to change the permissions of arbitrary files and consequently gain privileges via a hard link attack on files extracted from an archive, possibly related to SAP Security Note 2327384. | |||||
| CVE-2014-3752 | 1 Gdata-software | 1 Totalprotection | 2018-10-09 | 7.2 HIGH | 6.7 MEDIUM |
| The MiniIcpt.sys driver in G Data TotalProtection 2014 24.0.2.1 and earlier allows local users with administrator rights to execute arbitrary code with SYSTEM privileges via a crafted 0x83170180 call. | |||||
| CVE-2014-2079 | 2 Debian, X File Explorer Project | 2 Debian Linux, X File Explorer | 2018-09-15 | 2.1 LOW | 5.5 MEDIUM |
| X File Explorer (aka xfe) might allow local users to bypass intended access restrictions and gain access to arbitrary files by leveraging failure to use directory masks when creating files on Samba and NFS shares. | |||||
| CVE-2014-2532 | 2 Openbsd, Oracle | 2 Openssh, Communications User Data Repository | 2018-07-19 | 5.8 MEDIUM | 4.9 MEDIUM |
| sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character. | |||||
| CVE-2016-2126 | 1 Samba | 1 Samba | 2018-05-11 | 4.0 MEDIUM | 6.5 MEDIUM |
| Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions. | |||||