Search
Total
1819 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-12728 | 1 Spidercontrol | 1 Scada Webserver | 2020-08-19 | 7.2 HIGH | 7.8 HIGH |
| An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated privileges, which could allow an attacker to execute arbitrary code under the context of the current system services. | |||||
| CVE-2013-2012 | 2 Autojump Project, Debian | 2 Autojump, Debian Linux | 2020-08-18 | 4.4 MEDIUM | 7.3 HIGH |
| autojump before 21.5.8 allows local users to gain privileges via a Trojan horse custom_install directory in the current working directory. | |||||
| CVE-2014-9322 | 6 Canonical, Google, Linux and 3 more | 6 Ubuntu Linux, Android, Linux Kernel and 3 more | 2020-08-14 | 7.2 HIGH | 7.8 HIGH |
| arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space. | |||||
| CVE-2014-5207 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2020-08-14 | 6.2 MEDIUM | N/A |
| fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, or cause a denial of service (excessive filesystem updating) on systems that had atime disabled via a "mount -o remount" command within a user namespace. | |||||
| CVE-2014-5206 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2020-08-14 | 7.2 HIGH | N/A |
| The do_remount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNT_LOCK_READONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox protection mechanisms via a "mount -o remount" command within a user namespace. | |||||
| CVE-2014-3534 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2020-08-14 | 7.2 HIGH | N/A |
| arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACE_POKEUSR_AREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a crafted application that makes a ptrace system call. | |||||
| CVE-2014-4943 | 5 Debian, Linux, Opensuse and 2 more | 6 Debian Linux, Linux Kernel, Opensuse and 3 more | 2020-08-14 | 6.9 MEDIUM | N/A |
| The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket. | |||||
| CVE-2014-1526 | 4 Canonical, Fedoraproject, Mozilla and 1 more | 5 Ubuntu Linux, Fedora, Firefox and 2 more | 2020-08-14 | 6.8 MEDIUM | N/A |
| The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped objects. | |||||
| CVE-2010-4258 | 4 Fedoraproject, Linux, Opensuse and 1 more | 7 Fedora, Linux Kernel, Opensuse and 4 more | 2020-08-14 | 6.2 MEDIUM | N/A |
| The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain privileges by leveraging a (1) BUG, (2) NULL pointer dereference, or (3) page fault, as demonstrated by vectors involving the clear_child_tid feature and the splice system call. | |||||
| CVE-2010-4347 | 3 Linux, Opensuse, Suse | 3 Linux Kernel, Opensuse, Linux Enterprise Real Time Extension | 2020-08-14 | 6.9 MEDIUM | N/A |
| The ACPI subsystem in the Linux kernel before 2.6.36.2 uses 0222 permissions for the debugfs custom_method file, which allows local users to gain privileges by placing a custom ACPI method in the ACPI interpreter tables, related to the acpi_debugfs_init function in drivers/acpi/debugfs.c. | |||||
| CVE-2010-3301 | 3 Canonical, Linux, Suse | 3 Ubuntu Linux, Linux Kernel, Linux Enterprise Real Time Extension | 2020-08-14 | 7.2 HIGH | N/A |
| The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users to gain privileges by triggering an out-of-bounds access to the system call table using the %rax register. NOTE: this vulnerability exists because of a CVE-2007-4573 regression. | |||||
| CVE-2012-3993 | 1 Mozilla | 5 Firefox, Firefox Esr, Seamonkey and 2 more | 2020-08-13 | 9.3 HIGH | N/A |
| The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not properly interact with failures of InstallTrigger methods, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site, related to an "XrayWrapper pollution" issue. | |||||
| CVE-2020-11552 | 1 Zohocorp | 1 Manageengine Adselfservice Plus | 2020-08-13 | 10.0 HIGH | 9.8 CRITICAL |
| An elevation of privilege vulnerability exists in ManageEngine ADSelfService Plus before build 6003 because it does not properly enforce user privileges associated with a Certificate dialog. This vulnerability could allow an unauthenticated attacker to escalate privileges on a Windows host. An attacker does not require any privilege on the target system in order to exploit this vulnerability. One option is the self-service option on the Windows login screen. Upon selecting this option, the thick-client software is launched, which connects to a remote ADSelfService Plus server to facilitate self-service operations. An unauthenticated attacker having physical access to the host could trigger a security alert by supplying a self-signed SSL certificate to the client. The View Certificate option from the security alert allows an attacker to export a displayed certificate to a file. This can further cascade to a dialog that can open Explorer as SYSTEM. By navigating from Explorer to \windows\system32, cmd.exe can be launched as a SYSTEM. | |||||
| CVE-2014-3689 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2020-08-11 | 7.2 HIGH | N/A |
| The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling. | |||||
| CVE-2016-2854 | 1 Linux | 1 Linux Kernel | 2020-08-07 | 4.6 MEDIUM | 7.8 HIGH |
| The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory. | |||||
| CVE-2020-5617 | 1 Skygroup | 1 Skysea Client View | 2020-08-06 | 4.6 MEDIUM | 7.8 HIGH |
| Privilege escalation vulnerability in SKYSEA Client View Ver.12.200.12n to 15.210.05f allows an attacker to obtain unauthorized privileges and modify/obtain sensitive information or perform unintended operations via unspecified vectors. | |||||
| CVE-2016-2066 | 1 Linux | 1 Linux Kernel | 2020-08-06 | 6.8 MEDIUM | 7.8 HIGH |
| Integer signedness error in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (memory corruption) via a crafted application that makes an ioctl call. | |||||
| CVE-2014-1529 | 7 Canonical, Debian, Fedoraproject and 4 more | 16 Ubuntu Linux, Debian Linux, Fedora and 13 more | 2020-08-06 | 9.3 HIGH | 8.8 HIGH |
| The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted. | |||||
| CVE-2008-2931 | 5 Canonical, Debian, Linux and 2 more | 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more | 2020-08-06 | 7.2 HIGH | 7.8 HIGH |
| The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint. | |||||
| CVE-2014-1511 | 6 Canonical, Debian, Mozilla and 3 more | 17 Ubuntu Linux, Debian Linux, Firefox and 14 more | 2020-08-05 | 7.5 HIGH | 9.8 CRITICAL |
| Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors. | |||||
| CVE-2014-1496 | 2 Mozilla, Suse | 7 Firefox, Firefox Esr, Seamonkey and 4 more | 2020-08-05 | 1.9 LOW | 5.5 MEDIUM |
| Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update. | |||||
| CVE-2020-5773 | 1 Teltonika-networks | 2 Trb245, Trb245 Firmware | 2020-08-04 | 6.5 MEDIUM | 8.8 HIGH |
| Improper Access Control in Teltonika firmware TRB2_R_00.02.04.01 allows a low privileged user to perform unauthorized write operations. | |||||
| CVE-2016-2061 | 1 Linux | 1 Linux Kernel | 2020-08-04 | 6.8 MEDIUM | 7.8 HIGH |
| Integer signedness error in the MSM V4L2 video driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (array overflow and memory corruption) via a crafted application that triggers an msm_isp_axi_create_stream call. | |||||
| CVE-2016-2067 | 2 Google, Linux | 2 Android, Linux Kernel | 2020-08-04 | 9.3 HIGH | 7.8 HIGH |
| drivers/gpu/msm/kgsl.c in the MSM graphics driver (aka GPU driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, mishandles the KGSL_MEMFLAGS_GPUREADONLY flag, which allows attackers to gain privileges by leveraging accidental read-write mappings, aka Qualcomm internal bug CR988993. | |||||
| CVE-2019-4589 | 1 Ibm | 1 Cognos Analytics | 2020-08-03 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Cognos Analytics 11.0 and 11.1 is vulnerable to privlege escalation where the "My schedules and subscriptions" page is visible and accessible to a less privileged user. IBM X-Force ID: 167449. | |||||
| CVE-2014-1510 | 6 Canonical, Debian, Mozilla and 3 more | 17 Ubuntu Linux, Debian Linux, Firefox and 14 more | 2020-08-03 | 7.5 HIGH | 9.8 CRITICAL |
| The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call. | |||||
| CVE-2016-2059 | 2 Google, Linux | 2 Android, Linux Kernel | 2020-08-03 | 4.4 MEDIUM | 7.0 HIGH |
| The msm_ipc_router_bind_control_port function in net/ipc_router/ipc_router_core.c in the IPC router kernel module for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify that a port is a client port, which allows attackers to gain privileges or cause a denial of service (race condition and list corruption) by making many BIND_CONTROL_PORT ioctl calls. | |||||
| CVE-2020-14493 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2020-07-30 | 6.5 MEDIUM | 8.8 HIGH |
| A low-privilege user may use SQL syntax to write arbitrary files to the OpenClinic GA 5.09.02 and 5.89.05b server, which may allow the execution of arbitrary commands. | |||||
| CVE-2020-1431 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-07-21 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges., aka 'Windows AppX Deployment Extensions Elevation of Privilege Vulnerability'. | |||||
| CVE-2020-9669 | 2 Adobe, Microsoft | 2 Creative Cloud, Windows | 2020-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a lack of exploit mitigations vulnerability. Successful exploitation could lead to privilege escalation. | |||||
| CVE-2020-7578 | 1 Siemens | 1 Opcenter Execution Core | 2020-07-17 | 5.5 MEDIUM | 8.1 HIGH |
| A vulnerability has been identified in Camstar Enterprise Platform (All versions), Opcenter Execution Core (All versions < V8.2). Authenticated users could have access to resources they normally would not have. This vulnerability could allow an attacker to view internal information and perform unauthorized changes. | |||||
| CVE-2020-7283 | 1 Mcafee | 1 Total Protection | 2020-07-13 | 4.6 MEDIUM | 8.8 HIGH |
| Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to create and edit files via symbolic link manipulation in a location they would otherwise not have access to. This is achieved through running a malicious script or program on the target machine. | |||||
| CVE-2020-6013 | 1 Checkpoint | 1 Zonealarm Extreme Security | 2020-07-13 | 6.5 MEDIUM | 8.8 HIGH |
| ZoneAlarm Firewall and Antivirus products before version 15.8.109.18436 allow an attacker who already has access to the system to execute code at elevated privileges through a combination of file permission manipulation and exploitation of Windows CVE-2020-00896 on unpatched systems. | |||||
| CVE-2020-8179 | 1 Nextcloud | 1 Deck | 2020-07-08 | 4.0 MEDIUM | 4.1 MEDIUM |
| Improper access control in Nextcloud Deck 1.0.0 allowed an attacker to inject tasks into other users decks. | |||||
| CVE-2017-18884 | 1 Mattermost | 1 Mattermost Server | 2020-06-30 | 5.5 MEDIUM | 8.1 HIGH |
| An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to gain privileges by using a registered OAuth application with personal access tokens. | |||||
| CVE-2017-18885 | 1 Mattermost | 1 Mattermost Server | 2020-06-26 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows attackers to gain privileges by accessing unintended API endpoints on a user's behalf. | |||||
| CVE-2019-20886 | 1 Mattermost | 1 Mattermost Server | 2020-06-23 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Mattermost Server before 5.8.0. The first user is sometimes inadvertently a system admin. | |||||
| CVE-2020-9225 | 1 Huawei | 1 Fusionsphere Openstack | 2020-06-22 | 4.6 MEDIUM | 7.8 HIGH |
| FusionSphere OpenStack 6.5.1 have an improper permissions management vulnerability. The software does not correctly perform a privilege assignment when an actor attempts to perform an action. Successful exploit could allow certain user to do certain operations beyond its privilege. | |||||
| CVE-2020-12850 | 1 Pydio | 1 Cells | 2020-06-22 | 6.9 MEDIUM | 7.0 HIGH |
| The following vulnerability applies only to the Pydio Cells Enterprise OVF version 2.0.4. Prior versions of the Pydio Cells Enterprise OVF (such as version 2.0.3) have a looser policy restriction allowing the “pydio” user to execute any privileged command using sudo. In version 2.0.4 of the appliance, the user pydio is responsible for running all the services and binaries that are contained in the Pydio Cells web application package, such as mysqld, cells, among others. This user has privileges restricted to run those services and nothing more. | |||||
| CVE-2020-12713 | 1 Ciphermail | 2 Gateway, Webmail Messenger | 2020-06-22 | 9.0 HIGH | 7.2 HIGH |
| An issue was discovered in CipherMail Community Gateway and Professional/Enterprise Gateway 1.0.1 through 4.7.1-0 and CipherMail Webmail Messenger 1.1.1 through 3.1.1-0. Attackers with administrative access to the web interface have multiple options to escalate their privileges to the Unix root account. | |||||
| CVE-2020-7014 | 1 Elastic | 1 Elasticsearch | 2020-06-19 | 6.5 MEDIUM | 8.8 HIGH |
| The fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys and also authentication tokens. An attacker who is able to generate an API key and an authentication token can perform a series of steps that result in an authentication token being generated with elevated privileges. | |||||
| CVE-2020-7509 | 1 Schneider-electric | 2 Easergy T300, Easergy T300 Firmware | 2020-06-17 | 6.5 MEDIUM | 7.2 HIGH |
| A CWE-269: Improper privilege management (write) vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to elevate their privileges and delete files. | |||||
| CVE-2020-7280 | 1 Mcafee | 1 Virusscan Enterprise | 2020-06-17 | 4.6 MEDIUM | 7.8 HIGH |
| Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links. This is timing dependent. | |||||
| CVE-2020-8320 | 1 Lenovo | 200 Thinkpad 11e, Thinkpad 11e Firmware, Thinkpad 11e Yoga Gen 6 and 197 more | 2020-06-17 | 4.6 MEDIUM | 6.8 MEDIUM |
| An internal shell was included in BIOS image in some ThinkPad models that could allow escalation of privilege. | |||||
| CVE-2019-3617 | 1 Mcafee | 1 Total Protection | 2020-06-16 | 6.9 MEDIUM | 8.2 HIGH |
| Privilege escalation vulnerability in McAfee Total Protection (ToPS) for Mac OS prior to 4.6 allows local users to gain root privileges via incorrect protection of temporary files. | |||||
| CVE-2020-13854 | 1 Pandorafms | 1 Pandora Fms | 2020-06-11 | 10.0 HIGH | 9.8 CRITICAL |
| Artica Pandora FMS 7.44 allows privilege escalation. | |||||
| CVE-2020-3250 | 1 Cisco | 2 Ucs Director, Ucs Director Express For Big Data | 2020-06-05 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2020-3243 | 1 Cisco | 2 Ucs Director, Ucs Director Express For Big Data | 2020-06-05 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2020-9046 | 1 Johnsoncontrols | 1 Kantech Entrapass | 2020-06-03 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files. | |||||
| CVE-2013-6391 | 3 Canonical, Openstack, Redhat | 3 Ubuntu Linux, Keystone, Openstack | 2020-06-02 | 5.8 MEDIUM | N/A |
| The ec2tokens API in OpenStack Identity (Keystone) before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-scoped token when one is received, which allows remote trust users to gain privileges by generating EC2 credentials from a trust-scoped token and using them in an ec2tokens API request. | |||||