Filtered by CWE-264
Total 5449 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2015-6383 1 Cisco 1 Ios Xe 2024-11-21 N/A
Cisco IOS XE 15.4(3)S on ASR 1000 devices improperly loads software packages, which allows local users to bypass license restrictions and obtain certain root privileges by using the CLI to enter crafted filenames, aka Bug ID CSCuv93130.
CVE-2015-6362 1 Cisco 1 Connected Grid Network Management System 2024-11-21 N/A
The web GUI in Cisco Connected Grid Network Management System (CG-NMS) 3.0(0.35) and 3.0(0.54) allows remote authenticated users to bypass intended access restrictions and modify the configuration by leveraging the Monitor-Only role, aka Bug ID CSCuw42640.
CVE-2015-6348 1 Cisco 1 Secure Access Control Server 2024-11-21 N/A
The report-generation web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and read report or status information, by visiting an unspecified web page.
CVE-2015-6347 1 Cisco 1 Secure Access Control Server 2024-11-21 N/A
The Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and create a dashboard or portlet, by visiting an unspecified web page.
CVE-2015-6341 1 Cisco 1 Wireless Lan Controller Software 2024-11-21 N/A
The Web Management GUI on Cisco Wireless LAN Controller (WLC) devices with software 7.4(140.0) and 8.0(120.0) allows remote attackers to cause a denial of service (client disconnection) via unspecified vectors, aka Bug ID CSCuw10610.
CVE-2015-6335 1 Cisco 1 Firesight System Software 2024-11-21 N/A
The policy implementation in Cisco FireSIGHT Management Center 5.3.1.7, 5.4.0.4, and 6.0.0 for VMware allows remote authenticated administrators to bypass intended policy restrictions and execute Linux commands as root via unspecified vectors, aka Bug ID CSCuw12839.
CVE-2015-6333 1 Cisco 1 Application Policy Infrastructure Controller 2024-11-21 N/A
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.
CVE-2015-6322 1 Cisco 1 Anyconnect Secure Mobility Client 2024-11-21 N/A
The IPC channel in Cisco AnyConnect Secure Mobility Client 2.0.0343 through 4.1(8) allows local users to bypass intended access restrictions and move arbitrary files by leveraging the lack of source-path validation, aka Bug ID CSCuv48563.
CVE-2015-6315 1 Cisco 1 Aironet Access Point Software 2024-11-21 N/A
Cisco Aironet 1850 access points with software 8.1(112.4) allow local users to gain privileges via crafted CLI commands, aka Bug ID CSCuv79694.
CVE-2015-6306 3 Apple, Cisco, Linux 3 Mac Os X, Anyconnect Secure Mobility Client, Linux Kernel 2024-11-21 N/A
Cisco AnyConnect Secure Mobility Client 4.1(8) on OS X and Linux does not verify pathnames before installation actions, which allows local users to obtain root privileges via a crafted installation file, aka Bug ID CSCuv11947.
CVE-2015-6296 1 Cisco 1 Prime Network Registrar 2024-11-21 N/A
Cisco Prime Network Registrar (CPNR) 8.1(3.3), 8.2(3), and 8.3(2) has a default account, which allows local users to obtain root access by leveraging knowledge of the credentials, aka Bug ID CSCuw21825.
CVE-2015-6265 1 Cisco 1 Application Control Engine 4700 2024-11-21 N/A
The CLI in Cisco Application Control Engine (ACE) 4700 A5 3.0 and earlier allows local users to bypass intended access restrictions, and read or write to files, by entering an unspecified CLI command with a crafted file as this command's input, aka Bug ID CSCur23662.
CVE-2015-6174 1 Microsoft 9 Windows 10, Windows 7, Windows 8 and 6 more 2024-11-21 N/A
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-6171 and CVE-2015-6173.
CVE-2015-6173 1 Microsoft 9 Windows 10, Windows 7, Windows 8 and 6 more 2024-11-21 N/A
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-6171 and CVE-2015-6174.
CVE-2015-6171 1 Microsoft 9 Windows 10, Windows 7, Windows 8 and 6 more 2024-11-21 N/A
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-6173 and CVE-2015-6174.
CVE-2015-6170 1 Microsoft 1 Edge 2024-11-21 N/A
Microsoft Edge allows remote attackers to gain privileges via a crafted web site, aka "Microsoft Browser Elevation of Privilege Vulnerability."
CVE-2015-6139 1 Microsoft 2 Edge, Internet Explorer 2024-11-21 N/A
Microsoft Internet Explorer 11 and Microsoft Edge mishandle content types, which allows remote attackers to execute arbitrary web script in a privileged context via a crafted web site, aka "Microsoft Browser Elevation of Privilege Vulnerability."
CVE-2015-6133 1 Microsoft 6 Windows 10, Windows 8, Windows 8.1 and 3 more 2024-11-21 N/A
Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."
CVE-2015-6132 1 Microsoft 9 Windows 10, Windows 7, Windows 8 and 6 more 2024-11-21 N/A
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."
CVE-2015-6101 1 Microsoft 9 Windows 10, Windows 7, Windows 8 and 6 more 2024-11-21 N/A
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-6100.