Total
5442 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2015-6322 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2024-08-06 | N/A |
The IPC channel in Cisco AnyConnect Secure Mobility Client 2.0.0343 through 4.1(8) allows local users to bypass intended access restrictions and move arbitrary files by leveraging the lack of source-path validation, aka Bug ID CSCuv48563. | ||||
CVE-2015-6315 | 1 Cisco | 1 Aironet Access Point Software | 2024-08-06 | N/A |
Cisco Aironet 1850 access points with software 8.1(112.4) allow local users to gain privileges via crafted CLI commands, aka Bug ID CSCuv79694. | ||||
CVE-2015-6341 | 1 Cisco | 1 Wireless Lan Controller Software | 2024-08-06 | N/A |
The Web Management GUI on Cisco Wireless LAN Controller (WLC) devices with software 7.4(140.0) and 8.0(120.0) allows remote attackers to cause a denial of service (client disconnection) via unspecified vectors, aka Bug ID CSCuw10610. | ||||
CVE-2015-6306 | 3 Apple, Cisco, Linux | 3 Mac Os X, Anyconnect Secure Mobility Client, Linux Kernel | 2024-08-06 | N/A |
Cisco AnyConnect Secure Mobility Client 4.1(8) on OS X and Linux does not verify pathnames before installation actions, which allows local users to obtain root privileges via a crafted installation file, aka Bug ID CSCuv11947. | ||||
CVE-2015-6173 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8 and 6 more | 2024-08-06 | N/A |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-6171 and CVE-2015-6174. | ||||
CVE-2015-6335 | 1 Cisco | 1 Firesight System Software | 2024-08-06 | N/A |
The policy implementation in Cisco FireSIGHT Management Center 5.3.1.7, 5.4.0.4, and 6.0.0 for VMware allows remote authenticated administrators to bypass intended policy restrictions and execute Linux commands as root via unspecified vectors, aka Bug ID CSCuw12839. | ||||
CVE-2015-6296 | 1 Cisco | 1 Prime Network Registrar | 2024-08-06 | N/A |
Cisco Prime Network Registrar (CPNR) 8.1(3.3), 8.2(3), and 8.3(2) has a default account, which allows local users to obtain root access by leveraging knowledge of the credentials, aka Bug ID CSCuw21825. | ||||
CVE-2015-6265 | 1 Cisco | 1 Application Control Engine 4700 | 2024-08-06 | N/A |
The CLI in Cisco Application Control Engine (ACE) 4700 A5 3.0 and earlier allows local users to bypass intended access restrictions, and read or write to files, by entering an unspecified CLI command with a crafted file as this command's input, aka Bug ID CSCur23662. | ||||
CVE-2015-6133 | 1 Microsoft | 6 Windows 10, Windows 8, Windows 8.1 and 3 more | 2024-08-06 | N/A |
Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability." | ||||
CVE-2015-6132 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8 and 6 more | 2024-08-06 | N/A |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability." | ||||
CVE-2015-6171 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8 and 6 more | 2024-08-06 | N/A |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-6173 and CVE-2015-6174. | ||||
CVE-2015-6170 | 1 Microsoft | 1 Edge | 2024-08-06 | N/A |
Microsoft Edge allows remote attackers to gain privileges via a crafted web site, aka "Microsoft Browser Elevation of Privilege Vulnerability." | ||||
CVE-2015-6174 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8 and 6 more | 2024-08-06 | N/A |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-6171 and CVE-2015-6173. | ||||
CVE-2015-6100 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8 and 6 more | 2024-08-06 | N/A |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-6101. | ||||
CVE-2015-6139 | 1 Microsoft | 2 Edge, Internet Explorer | 2024-08-06 | N/A |
Microsoft Internet Explorer 11 and Microsoft Edge mishandle content types, which allows remote attackers to execute arbitrary web script in a privileged context via a crafted web site, aka "Microsoft Browser Elevation of Privilege Vulnerability." | ||||
CVE-2015-6098 | 1 Microsoft | 3 Windows 7, Windows Server 2008, Windows Vista | 2024-08-06 | N/A |
Buffer overflow in the Network Driver Interface Standard (NDIS) implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Windows NDIS Elevation of Privilege Vulnerability." | ||||
CVE-2015-6101 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8 and 6 more | 2024-08-06 | N/A |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-6100. | ||||
CVE-2015-6034 | 1 Epson | 1 Network Utility | 2024-08-06 | N/A |
EPSON Network Utility 4.10 uses weak permissions (Everyone: Full Control) for eEBSVC.exe, which allows local users to gain privileges via a Trojan horse file. | ||||
CVE-2015-5995 | 2 Mediabridge, Tenda | 3 Medialink Mwn-wapr300n, Medialink Mwn-wapr300n Firmware, N3 Wireless N150 | 2024-08-06 | N/A |
Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 and Tenda N3 Wireless N150 devices allow remote attackers to obtain administrative access via a certain admin substring in an HTTP Cookie header. | ||||
CVE-2015-6030 | 2 Hp, Microfocus | 7 Arcsight Command Center, Arcsight Connector Appliance, Arcsight Connectors and 4 more | 2024-08-06 | N/A |
HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might allow local users to gain privileges by leveraging arcsight account access. |