Vulnerabilities (CVE)

Filtered by CWE-264
Total 5324 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-1248 1 Basercms 1 Basercms 2021-09-14 5.1 MEDIUM N/A
app/config/core.php in baserCMS 1.6.15 and earlier does not properly handle installations in shared-hosting environments, which allows remote attackers to hijack sessions by leveraging administrative access to a different domain.
CVE-2014-5070 1 Microsemi 2 S350i, S350i Firmware 2021-09-13 6.5 MEDIUM 8.8 HIGH
Symmetricom s350i 2.70.15 allows remote authenticated users to gain privileges via vectors related to pushing unauthenticated users to the login page.
CVE-2015-2889 1 Summerinfant 2 Baby Zoom Wifi Monitor, Baby Zoom Wifi Monitor Firmware 2021-09-10 6.5 MEDIUM 8.8 HIGH
Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to gain privileges via manual entry of a Settings URL.
CVE-2016-6268 1 Trendmicro 1 Smart Protection Server 2021-09-09 7.2 HIGH 7.8 HIGH
Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows local webserv users to execute arbitrary code with root privileges via a Trojan horse .war file in the Solr webapps directory.
CVE-2014-8421 2 Atos, Unify 8 Openscape Desk Phone Ip 35g, Openscape Desk Phone Ip 35g Eco, Openscape Desk Phone Ip 55g and 5 more 2021-09-09 8.5 HIGH 7.5 HIGH
Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow remote attackers to gain super-user privileges by leveraging SSH access and incorrect ownership of (1) ConfigureCoreFile.sh, (2) Traceroute.sh, (3) apps.sh, (4) conversion_java2native.sh, (5) coreCompression.sh, (6) deletePasswd.sh, (7) findHealthSvcFDs.sh, (8) fw_printenv.sh, (9) fw_setenv.sh, (10) hw_wd_kicker.sh, (11) new_rootfs.sh, (12) opera_killSnmpd.sh, (13) opera_startSnmpd.sh, (14) rebootOperaSoftware.sh, (15) removeLogFiles.sh, (16) runOperaServices.sh, (17) setPasswd.sh, (18) startAccTestSvcs.sh, (19) usbNotification.sh, or (20) appWeb in /Opera_Deploy.
CVE-2016-2557 2 Microsoft, Nvidia 3 Windows, Gpu Driver R340, Gpu Driver R352 2021-09-09 7.2 HIGH 8.4 HIGH
The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information from kernel memory, cause a denial of service (crash), or possibly gain privileges via unspecified vectors, which trigger uninitialized or out-of-bounds memory access.
CVE-2016-2556 2 Microsoft, Nvidia 3 Windows, Gpu Driver R340, Gpu Driver R352 2021-09-09 7.2 HIGH 7.8 HIGH
The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows improperly allows access to restricted functionality, which allows local users to gain privileges via unspecified vectors.
CVE-2010-2657 3 Apple, Microsoft, Opera 3 Macos, Windows, Opera Browser 2021-09-08 9.3 HIGH N/A
Opera before 10.60 on Windows and Mac OS X does not properly prevent certain double-click operations from running a program located on a web site, which allows user-assisted remote attackers to execute arbitrary code via a crafted web page that bypasses a dialog.
CVE-2014-5247 1 Spi-inc 1 Ganeti 2021-09-08 2.1 LOW N/A
The _UpgradeBeforeConfigurationChange function in lib/client/gnt_cluster.py in Ganeti 2.10.0 before 2.10.7 and 2.11.0 before 2.11.5 uses world-readable permissions for the configuration backup file, which allows local users to obtain SSL keys, remote API credentials, and other sensitive information by reading the file, related to the upgrade command.
CVE-2015-7260 1 Vertiv 1 Liebert Multilink Automated Shutdown 2021-08-31 7.2 HIGH 7.8 HIGH
Liebert MultiLink Automated Shutdown v4.2.4 allows local users to gain privileges by replacing the LiebertM executable file.
CVE-2014-3074 1 Ibm 2 Aix, Vios 2021-08-31 7.2 HIGH N/A
The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local users to create a mode-666 root-owned file, and consequently gain privileges, by setting crafted MALLOCOPTIONS and MALLOCBUCKETS environment-variable values and then executing a setuid program.
CVE-2016-6079 1 Ibm 2 Aix, Vios 2021-08-31 7.2 HIGH 7.8 HIGH
IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM APARs: IV88658, IV87981, IV88419, IV87640, IV88053.
CVE-2014-8904 1 Ibm 2 Aix, Vios 2021-08-31 7.2 HIGH N/A
lquerylv in cmdlvm in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x allows local users to gain privileges via a crafted DBGCMD_LQUERYLV environment-variable value.
CVE-2016-8972 1 Ibm 2 Aix, Vios 2021-08-31 7.2 HIGH 7.8 HIGH
IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root privileges using a specially crafted command within the bellmail client. IBM APARs: IV91006, IV91007, IV91008, IV91010, IV91011.
CVE-2012-4833 1 Ibm 2 Aix, Vios 2021-08-31 2.1 LOW N/A
fuser in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly restrict the -k option, which allows local users to kill arbitrary processes via a crafted command line.
CVE-2012-4845 1 Ibm 2 Aix, Vios 2021-08-31 6.8 MEDIUM N/A
The FTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly manage privileges in an RBAC environment, which allows attackers to bypass intended file-read restrictions by leveraging the setuid installation of the ftp executable file.
CVE-2012-2200 1 Ibm 2 Aix, Vios 2021-08-31 7.2 HIGH N/A
The default configuration of sendmail in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, allows local users to gain privileges by entering a command in a .forward file in a home directory.
CVE-2016-8769 1 Huawei 1 Utps Firmware 2021-08-27 7.2 HIGH 6.7 MEDIUM
Huawei UTPS earlier than UTPS-V200R003B015D16SPC00C983 has an unquoted service path vulnerability which can lead to the truncation of UTPS service query paths. An attacker may put an executable file in the search path of the affected service and obtain elevated privileges after the executable file is executed.
CVE-2009-0637 1 Cisco 2 Ios, Ios Xr 2021-08-25 7.1 HIGH N/A
The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite arbitrary files via an SCP command.
CVE-2014-0107 2 Apache, Oracle 2 Xalan-java, Webcenter Sites 2021-08-24 7.5 HIGH N/A
The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources via a crafted (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header, or (4) xslt:entities property, or a Java property that is bound to the XSLT 1.0 system-property function.