Total
1964 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2012-2312 | 1 Redhat | 2 Jboss Application Server, Jboss Enterprise Application Platform | 2024-08-06 | 7.8 High |
An elevated privileges issue exists in JBoss AS 7 Community Release due to improper implementation of security context propagation: a thread reused from the thread pool still retains the security context from the process that last used it, which lets a local user obtain elevated privileges. | ||||
CVE-2012-2148 | 2 Linux, Redhat | 3 Linux Kernel, Jboss Community Application Server, Jboss Enterprise Web Server | 2024-08-06 | 3.3 Low |
An issue exists in JBoss AS 7.1.1 in which the property replacements feature in any descriptor ignores Java security policies. | ||||
CVE-2023-25535 | 2024-08-06 | 7.2 High | ||
Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for initial installation has a high vulnerability that can result in local privilege escalation (LPE). This vulnerability only affects first-time installations done prior to 8th March 2023 | ||||
CVE-2012-1615 | 1 Fedoraproject | 2 Fedora, Sectool | 2024-08-06 | 7.8 High |
A privilege escalation vulnerability exists in Fedoraproject Sectool due to an incorrect DBus file. | ||||
CVE-2012-1563 | 1 Joomla | 1 Joomla! | 2024-08-06 | 7.5 High |
Joomla! before 2.5.3 allows Admin Account Creation. | ||||
CVE-2012-1104 | 3 Apereo, Debian, Linux | 3 Phpcas, Debian Linux, Linux Kernel | 2024-08-06 | 5.3 Medium |
A security bypass vulnerability exists in the phpCAS 1.2.2 library from the Jasig project due to the way proxying of services is managed. | ||||
CVE-2012-0384 | 1 Cisco | 2 Ios, Ios Xe | 2024-08-06 | 7.2 High |
Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS before 3.1.2S, 3.2.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.1.xSG and 3.2.xSG before 3.2.2SG, when AAA authorization is enabled, allow remote authenticated users to bypass intended access restrictions and execute commands via a (1) HTTP or (2) HTTPS session, aka Bug ID CSCtr91106. | ||||
CVE-2013-7421 | 5 Canonical, Debian, Linux and 2 more | 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more | 2024-08-06 | N/A |
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644. | ||||
CVE-2013-6773 | 2 Microsoft, Splunk | 2 Windows, Splunk | 2024-08-06 | 7.8 High |
Splunk 5.0.3 has an unquoted service path in Windows for Universal Forwarder, which can allow an attacker to escalate privileges. | ||||
CVE-2013-6391 | 3 Canonical, Openstack, Redhat | 3 Ubuntu Linux, Keystone, Openstack | 2024-08-06 | N/A |
The ec2tokens API in OpenStack Identity (Keystone) before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-scoped token when one is received, which allows remote trust users to gain privileges by generating EC2 credentials from a trust-scoped token and using them in an ec2tokens API request. | ||||
CVE-2013-6295 | 1 Prestashop | 1 Prestashop | 2024-08-06 | 9.8 Critical |
PrestaShop 1.5.5 is vulnerable to privilege escalation from a Salesman account via the upload module. | ||||
CVE-2013-6231 | 1 Eng | 1 Spagobi | 2024-08-06 | 8.8 High |
SpagoBI before 4.1 has Privilege Escalation via an error in the AdapterHTTP script | ||||
CVE-2013-5027 | 1 O-dyn | 1 Collabtive | 2024-08-06 | 9.8 Critical |
Collabtive 1.0 has incorrect access control | ||||
CVE-2013-4975 | 1 Hikvision | 2 Ds-2cd7153-e, Ds-2cd7153-e Firmware | 2024-08-06 | 8.8 High |
Hikvision DS-2CD7153-E IP Camera has Privilege Escalation | ||||
CVE-2013-4867 | 1 Ea | 2 Karotz Smart Rabbit, Karotz Smart Rabbit Firmware | 2024-08-06 | 6.3 Medium |
Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking | ||||
CVE-2013-4583 | 1 Gitlab | 2 Gitlab, Gitlab-shell | 2024-08-06 | 8.8 High |
The parse_cmd function in lib/gitlab_shell.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to gain privileges and clone arbitrary repositories. | ||||
CVE-2013-4536 | 2 Qemu, Redhat | 3 Qemu, Enterprise Linux, Openstack | 2024-08-06 | 7.8 High |
A user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. | ||||
CVE-2013-4251 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2024-08-06 | 7.8 High |
The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories. | ||||
CVE-2013-4161 | 2 Fedoraproject, Gksu-polkit Project | 2 Fedora, Gksu-polkit | 2024-08-06 | 7.8 High |
gksu-polkit-0.0.3-6.fc18 was reported as fixing the issue in CVE-2012-5617, but the patch was improperly applied and it did not fix the security issue. | ||||
CVE-2013-3323 | 1 Ibm | 13 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 10 more | 2024-08-06 | 9.8 Critical |
A Privilege Escalation Vulnerability exists in IBM Maximo Asset Management 7.5, 7.1, and 6.2, when WebSeal with Basic Authentication is used, due to a failure to invalidate the authentication session, which could let a malicious user obtain unauthorized access. |