Export limit exceeded: 363849 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (9552 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-8993 1 Mcafee 3 Cloud Av, Security Scan Plus, Security Webadvisor 2025-04-20 N/A
Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.
CVE-2010-5327 1 Liferay 1 Liferay Portal 2025-04-20 N/A
Liferay Portal through 6.2.10 allows remote authenticated users to execute arbitrary shell commands via a crafted Velocity template.
CVE-2016-6299 2 Fedoraproject, Mock Project 2 Fedora, Scm Plugin 2025-04-20 N/A
The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file.
CVE-2017-4991 2 Cloudfoundry, Pivotal Software 3 Cf-release, Cloud Foundry Uaa Bosh, Cloud Foundry Uaa 2025-04-20 7.2 High
An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v260; UAA release 2.x versions prior to v2.7.4.16, 3.6.x versions prior to v3.6.10, 3.9.x versions prior to v3.9.12, and other versions prior to v3.17.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.14, 24.x versions prior to v24.9, 30.x versions prior to 30.2, and other versions prior to v36. Privileged users in one zone are allowed to perform a password reset for users in a different zone.
CVE-2016-6268 1 Trendmicro 1 Smart Protection Server 2025-04-20 7.8 High
Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows local webserv users to execute arbitrary code with root privileges via a Trojan horse .war file in the Solr webapps directory.
CVE-2016-9269 1 Trendmicro 1 Interscan Web Security Virtual Appliance 2025-04-20 N/A
Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allows authenticated, remote users with least privileges to run arbitrary commands on the system as root via Patch Update functionality. This was resolved in Version 6.5 CP 1737.
CVE-2015-0162 1 Ibm 1 Security Siteprotector System 2025-04-20 N/A
IBM Security SiteProtector System 3.0, 3.1, and 3.1.1 allows local users to gain privileges.
CVE-2016-9382 2 Citrix, Xen 2 Xenserver, Xen 2025-04-20 N/A
Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode.
CVE-2016-8235 1 Lenovo 1 Customer Care Software Development Kit 2025-04-20 N/A
Privilege escalation in Lenovo Customer Care Software Development Kit (CCSDK) versions earlier than 2.0.16.3 allows local users to execute code with elevated privileges.
CVE-2016-8453 1 Linux 1 Linux Kernel 2025-04-20 N/A
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-24739315. References: B-RB#73392.
CVE-2016-9984 1 Ibm 1 Maximo Asset Management 2025-04-20 N/A
IBM Maximo Asset Management 7.5 and 7.6 could allow a remote authenticated attacker to execute arbitrary commands on the system as administrator. IBM X-Force ID: 120276.
CVE-2016-10341 1 Google 1 Android 2025-04-20 N/A
In all Android releases from CAF using the Linux kernel, 3rd party TEEs have more privilege than intended.
CVE-2016-10318 1 Linux 1 Linux Kernel 2025-04-20 N/A
A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel before 4.7.4 allows a user to assign an encryption policy to a directory owned by a different user, potentially creating a denial of service.
CVE-2017-11467 1 Orientdb 1 Orientdb 2025-04-20 N/A
OrientDB through 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remote attackers to execute arbitrary OS commands via a crafted request.
CVE-2016-8221 1 Lenovo 1 Xclarity Administrator 2025-04-20 N/A
Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA accounts with temporary passwords that are used internally by LXCA code.
CVE-2016-10284 1 Linux 1 Linux Kernel 2025-04-20 N/A
An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32402303. References: QC-CR#2000664.
CVE-2016-6902 1 Lshell Project 1 Lshell 2025-04-20 N/A
lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.
CVE-2016-6903 1 Lshell Project 1 Lshell 2025-04-20 N/A
lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.
CVE-2017-14329 1 Extremenetworks 1 Extremexos 2025-04-20 N/A
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving an exsh debug shell.
CVE-2014-8428 1 Barracuda 1 Load Balancer 2025-04-20 N/A
Privilege escalation vulnerability in Barracuda Load Balancer 5.0.0.015 via the use of an improperly protected SSH key.