Total: 5449 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-6527 | 1 Samsung | 1 Samsung Mobile | 2024-11-21 | N/A |
The SmartCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object. | ||||
CVE-2016-6526 | 1 Samsung | 1 Samsung Mobile | 2024-11-21 | N/A |
The SpamCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object. | ||||
CVE-2016-6492 | 1 Google | 1 Android | 2024-11-21 | N/A |
The MT6573FDVT_SetRegHW function in camera_fdvt.c in the MediaTek driver for Linux allows local users to gain privileges via a crafted application that makes an MT6573FDVTIOC_T_SET_FDCONF_CMD IOCTL call. | ||||
CVE-2016-6486 | 1 Siemens | 1 Sinema Server | 2024-11-21 | N/A |
Siemens SINEMA Server uses weak permissions for the application folder, which allows local users to gain privileges via unspecified vectors. | ||||
CVE-2016-6470 | 1 Cisco | 1 Hybrid Media Service | 2024-11-21 | N/A |
A vulnerability in the installation procedure of the Cisco Hybrid Media Service could allow an authenticated, local attacker to elevate privileges to the root level. More Information: CSCvb81344. Known Affected Releases: 1.0. | ||||
CVE-2016-6449 | 1 Cisco | 1 Fireamp Connector Endpoint Software | 2024-11-21 | N/A |
A vulnerability in the system management of certain FireAMP system processes in Cisco FireAMP Connector Endpoint software could allow an authenticated, local attacker to stop certain protected FireAMP processes without requiring a password. Stopping certain critical processes could cause a denial of service (DoS) condition, and certain security features could no longer be available. More Information: CSCvb40597. Known Affected Releases: 1. | ||||
CVE-2016-6438 | 1 Cisco | 1 Ios Xe | 2024-11-21 | N/A |
A vulnerability in Cisco IOS XE Software running on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause a configuration integrity change to the vty line configuration on an affected device. This vulnerability affects the following releases of Cisco IOS XE Software running on Cisco cBR-8 Converged Broadband Routers: All 3.16S releases, All 3.17S releases, Release 3.18.0S, Release 3.18.1S, Release 3.18.0SP. More Information: CSCuz62815. Known Affected Releases: 15.5(3)S2.9, 15.6(2)SP. Known Fixed Releases: 15.6(1.7)SP1, 16.4(0.183), 16.5(0.1). | ||||
CVE-2016-6430 | 1 Cisco | 1 Ip Interoperability And Collaboration System | 2024-11-21 | N/A |
A vulnerability in the command-line interface of the Cisco IP Interoperability and Collaboration System (IPICS) could allow an authenticated, local attacker to elevate the privilege level associated with their session. More Information: CSCva38636. Known Affected Releases: 4.10(1). Known Fixed Releases: 5.0(1). | ||||
CVE-2016-6428 | 1 Cisco | 1 Ios Xr | 2024-11-21 | N/A |
Cisco IOS XR 6.1.1 allows local users to execute arbitrary OS commands as root by leveraging admin privileges, aka Bug ID CSCva38349. | ||||
CVE-2016-6420 | 1 Cisco | 1 Firesight System Software | 2024-11-21 | N/A |
Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, aka Bug ID CSCur25467. | ||||
CVE-2016-6413 | 1 Cisco | 1 Application Policy Infrastructure Controller | 2024-11-21 | N/A |
The installation procedure on Cisco Application Policy Infrastructure Controller (APIC) devices 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCva50496. | ||||
CVE-2016-6406 | 1 Cisco | 1 Email Security Appliance Firmware | 2024-11-21 | N/A |
Cisco IronPort AsyncOS 9.1.2-023, 9.1.2-028, 9.1.2-036, 9.7.2-046, 9.7.2-047, 9.7.2-054, 10.0.0-124, and 10.0.0-125 on Email Security Appliance (ESA) devices, when Enrollment Client before 1.0.2-065 is installed, allows remote attackers to obtain root access via a connection to the testing/debugging interface, aka Bug ID CSCvb26017. | ||||
CVE-2016-6402 | 1 Cisco | 1 Unified Computing System | 2024-11-21 | N/A |
UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain OS root access via crafted CLI input, aka Bug ID CSCuz91263. | ||||
CVE-2016-6394 | 1 Cisco | 1 Firesight System Software | 2024-11-21 | N/A |
Session fixation vulnerability in Cisco Firepower Management Center and Cisco FireSIGHT System Software through 6.1.0 allows remote attackers to hijack web sessions via a session identifier, aka Bug ID CSCuz80503. | ||||
CVE-2016-6369 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2024-11-21 | N/A |
Cisco AnyConnect Secure Mobility Client before 4.2.05015 and 4.3.x before 4.3.02039 mishandles pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCuz92464. | ||||
CVE-2016-6362 | 1 Cisco | 1 Aironet Access Point Software | 2024-11-21 | N/A |
Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.110.0, 8.2.12x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow local users to gain privileges via crafted CLI parameters, aka Bug ID CSCuz24725. | ||||
CVE-2016-6325 | 2 Apache, Redhat | 11 Tomcat, Enterprise Linux, Enterprise Linux Desktop and 8 more | 2024-11-21 | N/A |
The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which allows local users to gain privileges by leveraging membership in the tomcat group. | ||||
CVE-2016-6322 | 1 Redhat | 2 Enterprise Linux, Quickstart Cloud Installer | 2024-11-21 | N/A |
Red Hat QuickStart Cloud Installer (QCI) uses world-readable permissions for /etc/qci/answers, which allows local users to obtain the root password for the deployed system by reading the file. | ||||
CVE-2016-6299 | 2 Fedoraproject, Mock Project | 2 Fedora, Scm Plugin | 2024-11-21 | N/A |
The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file. | ||||
CVE-2016-6276 | 1 Citrix | 1 Linux Virtual Delivery Agent | 2024-11-21 | N/A |
Citrix Linux Virtual Delivery Agent (aka VDA, formerly Linux Virtual Desktop) before 1.4.0 allows local users to gain root privileges via unspecified vectors. |