Total
5245 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-9013 | 1 Google | 1 Android | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393251. | |||||
CVE-2015-7597 | 1 Gemalto | 1 Safenet Authentication Service Iis Agent | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
SafeNet Authentication Service IIS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module. | |||||
CVE-2014-9955 | 1 Google | 1 Android | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36384686. | |||||
CVE-2015-7596 | 1 Gemalto | 1 Safenet Authentication Service End User Software Tools For Windows | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
SafeNet Authentication Service End User Software Tools for Windows uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module. | |||||
CVE-2016-10230 | 1 Google | 1 Android | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
A remote code execution vulnerability in the Qualcomm crypto driver. Product: Android. Versions: Android kernel. Android ID: A-34389927. References: QC-CR#1091408. | |||||
CVE-2015-7965 | 1 Gemalto | 1 Safenet Authentication Service Windows Logon Agent | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
SafeNet Authentication Service Windows Logon Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module, a different vulnerability than CVE-2015-7966. | |||||
CVE-2015-9014 | 1 Google | 1 Android | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393750. | |||||
CVE-2014-1889 | 1 Buddypress | 1 Buddypress | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
The Group creation process in the Buddypress plugin before 1.9.2 for WordPress allows remote authenticated users to gain control of arbitrary groups by leveraging a missing permissions check. | |||||
CVE-2016-5295 | 2 Microsoft, Mozilla | 2 Windows, Firefox | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
This vulnerability allows an attacker to use the Mozilla Maintenance Service to escalate privilege by having the Maintenance Service invoke the Mozilla Updater to run malicious local files. This vulnerability requires local system access and is a variant of MFSA2013-44. Note: this issue only affects Windows operating systems. This vulnerability affects Firefox < 50. | |||||
CVE-2015-9010 | 1 Google | 1 Android | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393101. | |||||
CVE-2014-1946 | 1 Opendocman | 1 Opendocman | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
OpenDocMan 1.2.7 and earlier does not properly validate allowed actions, which allows remote authenticated users to bypass an intended access restrictions and assign administrative privileges to themselves via a crafted request to signup.php. | |||||
CVE-2014-10054 | 1 Qualcomm | 64 Mdm9206, Mdm9206 Firmware, Mdm9607 and 61 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA6174A, QCA6574AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 400, SD 450, SD 410/12, SD 425, SD 430, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SDX20, lack of input validation on BT HCI commands processing allows privilege escalation. | |||||
CVE-2013-7202 | 1 Paypal | 1 Paypal | 2023-12-10 | 6.8 MEDIUM | 8.1 HIGH |
The WebHybridClient class in PayPal 5.3 and earlier for Android allows remote attackers to execute arbitrary JavaScript on the system. | |||||
CVE-2016-8534 | 1 Hp | 1 Matrix Operating Environment | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
A remote privilege elevation vulnerability in HPE Matrix Operating Environment version 7.6 was found. | |||||
CVE-2014-10057 | 1 Qualcomm | 28 Mdm9615, Mdm9615 Firmware, Mdm9625 and 25 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 435, SD 617, SD 625, and Snapdragon_High_Med_2016, binary Calibration files under data/misc/audio have 777 permissions. | |||||
CVE-2013-0267 | 1 Apache | 1 Vcl | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
The Privileges portion of the web GUI and the XMLRPC API in Apache VCL 2.3.x before 2.3.2, 2.2.x before 2.2.2 and 2.1 allow remote authenticated users with nodeAdmin, manageGroup, resourceGrant, or userGrant permissions to gain privileges, cause a denial of service, or conduct cross-site scripting (XSS) attacks by leveraging improper data validation. | |||||
CVE-2015-9015 | 1 Google | 1 Android | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36714120. | |||||
CVE-2015-9196 | 1 Qualcomm | 8 Fsm9055, Fsm9055 Firmware, Mdm9635m and 5 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, MDM9635M, SD 400, and SD 800, improper input validation in tzbsp_ocmem can cause privilege escalation. | |||||
CVE-2016-8484 | 1 Google | 1 Android | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-28823575. | |||||
CVE-2016-10232 | 1 Google | 1 Android | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability in the Qualcomm video driver. Product: Android. Versions: Android kernel. Android ID: A-34386696. References: QC-CR#1024872. |