Total
5442 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-6402 | 1 Cisco | 1 Unified Computing System | 2024-08-06 | N/A |
UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain OS root access via crafted CLI input, aka Bug ID CSCuz91263. | ||||
CVE-2016-6362 | 1 Cisco | 1 Aironet Access Point Software | 2024-08-06 | N/A |
Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.110.0, 8.2.12x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow local users to gain privileges via crafted CLI parameters, aka Bug ID CSCuz24725. | ||||
CVE-2016-6394 | 1 Cisco | 1 Firesight System Software | 2024-08-06 | N/A |
Session fixation vulnerability in Cisco Firepower Management Center and Cisco FireSIGHT System Software through 6.1.0 allows remote attackers to hijack web sessions via a session identifier, aka Bug ID CSCuz80503. | ||||
CVE-2016-6325 | 2 Apache, Redhat | 11 Tomcat, Enterprise Linux, Enterprise Linux Desktop and 8 more | 2024-08-06 | N/A |
The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which allows local users to gain privileges by leveraging membership in the tomcat group. | ||||
CVE-2016-6299 | 2 Fedoraproject, Mock Project | 2 Fedora, Scm Plugin | 2024-08-06 | N/A |
The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file. | ||||
CVE-2016-6276 | 1 Citrix | 1 Linux Virtual Delivery Agent | 2024-08-06 | N/A |
Citrix Linux Virtual Delivery Agent (aka VDA, formerly Linux Virtual Desktop) before 1.4.0 allows local users to gain root privileges via unspecified vectors. | ||||
CVE-2016-6268 | 1 Trendmicro | 1 Smart Protection Server | 2024-08-06 | 7.8 High |
Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows local webserv users to execute arbitrary code with root privileges via a Trojan horse .war file in the Solr webapps directory. | ||||
CVE-2016-6211 | 2 Debian, Drupal | 2 Debian Linux, Drupal | 2024-08-06 | N/A |
The User module in Drupal 7.x before 7.44 allows remote authenticated users to gain privileges via vectors involving contributed or custom code that triggers a rebuild of the user profile form. | ||||
CVE-2016-6192 | 1 Huawei | 1 P8 Smartphone Firmware | 2024-08-06 | N/A |
Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6193. | ||||
CVE-2016-6193 | 1 Huawei | 1 P8 Smartphone Firmware | 2024-08-06 | N/A |
Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6192. | ||||
CVE-2016-6187 | 1 Linux | 1 Linux Kernel | 2024-08-06 | 7.8 High |
The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 4.6.5 does not validate the buffer size, which allows local users to gain privileges by triggering an AppArmor setprocattr hook. | ||||
CVE-2016-6112 | 1 Ibm | 3 Distributed Marketing, Marketing Operations, Marketing Platform | 2024-08-06 | N/A |
IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. IBM X-Force ID: 118282. | ||||
CVE-2016-6079 | 1 Ibm | 2 Aix, Vios | 2024-08-06 | N/A |
IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM APARs: IV88658, IV87981, IV88419, IV87640, IV88053. | ||||
CVE-2016-6028 | 1 Ibm | 1 Rational Collaborative Lifecycle Management | 2024-08-06 | N/A |
IBM Jazz technology based products might allow an attacker to view work item titles that they do not have privilege to view. | ||||
CVE-2016-5856 | 2 Google, Linux | 2 Android, Linux Kernel | 2024-08-06 | N/A |
Drivers/soc/qcom/spcom.c in the Qualcomm SPCom driver in the Android kernel 2017-03-05 allows local users to gain privileges, a different vulnerability than CVE-2016-5857. | ||||
CVE-2016-5991 | 1 Ibm | 1 Sterling Connect\ | 2024-08-06 | N/A |
IBM Sterling Connect:Direct 4.5.00, 4.5.01, 4.6.0 before 4.6.0.6 iFix008, and 4.7.0 before 4.7.0.4 on Windows allows local users to gain privileges via unspecified vectors. | ||||
CVE-2016-5868 | 1 Google | 1 Android | 2024-08-06 | N/A |
drivers/net/ethernet/msm/rndis_ipa.c in the Qualcomm networking driver in Android allows remote attackers to execute arbitrary code via a crafted application compromising a privileged process. | ||||
CVE-2016-5821 | 1 Huawei | 1 Hisuite | 2024-08-06 | N/A |
Huawei HiSuite before 4.0.4.204_ove (Out of China) and before 4.0.4.301 (China) use a weak ACL (FILE_WRITE_DATA for BUILTIN\Users) for the HiSuite service directory, which allows local users to gain SYSTEM privileges via a Trojan horse (1) SspiCli.dll or (2) USERENV.dll file or possibly other unspecified DLL files. | ||||
CVE-2016-5857 | 1 Google | 1 Android | 2024-08-06 | N/A |
The Qualcomm SPCom driver in Android before 7.0 allows local users to execute arbitrary code within the context of the kernel via a crafted application, aka Android internal bug 34386529 and Qualcomm internal bug CR#1094140. | ||||
CVE-2016-6025 | 1 Ibm | 1 Sterling Secure Proxy | 2024-08-06 | N/A |
The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 before 3.4.2.0 iFix 8 and 3.4.3 before 3.4.3.0 iFix 1 allows remote attackers to obtain access by leveraging an unattended workstation to conduct a post-logoff session-reuse attack involving a modified URL. |