Total
5442 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-8656 | 1 Redhat | 1 Jboss Enterprise Application Platform | 2024-08-06 | N/A |
Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to an unsafe file handling in the jboss init script which could result in local privilege escalation. | ||||
CVE-2016-8591 | 1 Trendmicro | 1 Threat Discovery Appliance | 2024-08-06 | N/A |
log_query.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter. | ||||
CVE-2016-8632 | 1 Linux | 1 Linux Kernel | 2024-08-06 | 7.8 High |
The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability. | ||||
CVE-2016-8585 | 1 Trendmicro | 1 Threat Discovery Appliance | 2024-08-06 | N/A |
admin_sys_time.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the timezone parameter. | ||||
CVE-2016-8600 | 1 Dotcms | 1 Dotcms | 2024-08-06 | N/A |
In dotCMS 3.2.1, attacker can load captcha once, fill it with correct value and then this correct value is ok for forms with captcha check later. | ||||
CVE-2016-8586 | 1 Trendmicro | 1 Threat Discovery Appliance | 2024-08-06 | N/A |
detected_potential_files.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter. | ||||
CVE-2016-8592 | 1 Trendmicro | 1 Threat Discovery Appliance | 2024-08-06 | N/A |
log_query_system.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter. | ||||
CVE-2016-8589 | 1 Trendmicro | 1 Threat Discovery Appliance | 2024-08-06 | N/A |
log_query_dae.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter. | ||||
CVE-2016-8561 | 1 Siemens | 2 Simatic Cp 1543-1, Simatic Cp 1543-1 Firmware | 2024-08-06 | N/A |
A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP 1543-1 (All versions < V2.0.28). Users with elevated privileges to TIA-Portal and project data on the engineering station could possibly get privileged access on affected devices. | ||||
CVE-2016-8501 | 1 Yandex | 1 Yandex Browser | 2024-08-06 | N/A |
Security WiFi bypass in Yandex Browser from version 15.10 to 15.12 allows remote attacker to sniff traffic in open or WEP-protected wi-fi networks despite of special security mechanism is enabled. | ||||
CVE-2016-8493 | 1 Fortinet | 1 Forticlient | 2024-08-06 | N/A |
In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClientNamedPipe vulnerability. | ||||
CVE-2016-8494 | 1 Fortinet | 1 Connect | 2024-08-06 | N/A |
Insufficient verification of uploaded files allows attackers with webui administrators privileges to perform arbitrary code execution by uploading a new webui theme. | ||||
CVE-2016-8481 | 2 Google, Linux | 2 Android, Linux Kernel | 2024-08-06 | N/A |
An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31906415. References: QC-CR#1078000. | ||||
CVE-2016-8467 | 1 Google | 1 Android | 2024-08-06 | N/A |
An elevation of privilege vulnerability in the bootloader could enable a local attacker to execute arbitrary modem commands on the device. This issue is rated as High because it is a local permanent denial of service (device interoperability: completely permanent or requiring re-flashing the entire operating system). Product: Android. Versions: N/A. Android ID: A-30308784. | ||||
CVE-2016-8468 | 1 Linux | 1 Linux Kernel | 2024-08-06 | N/A |
An elevation of privilege vulnerability in Binder could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.18. Android ID: A-32394425. | ||||
CVE-2016-8448 | 1 Google | 1 Android | 2024-08-06 | N/A |
An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31791148. References: MT-ALPS02982181. | ||||
CVE-2016-8452 | 1 Linux | 1 Linux Kernel | 2024-08-06 | N/A |
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32506396. References: QC-CR#1050323. | ||||
CVE-2016-8455 | 1 Linux | 1 Linux Kernel | 2024-08-06 | N/A |
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-32219121. References: B-RB#106311. | ||||
CVE-2016-8451 | 1 Linux | 1 Linux Kernel | 2024-08-06 | N/A |
An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.4. Android ID: A-32178033. | ||||
CVE-2016-8447 | 1 Google | 1 Android | 2024-08-06 | N/A |
An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31749463. References: MT-ALPS02968886. |