Export limit exceeded: 357832 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9372 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-4964 | 1 Ibm | 1 Urbancode Deploy | 2025-04-12 | N/A |
| IBM UrbanCode Deploy 6.0 and 6.0.1.x before 6.0.1.10, 6.1.1.x before 6.1.1.8, and 6.1.2 writes admin AUTH_TOKEN values to execution logs, which allows remote authenticated users to gain privileges by leveraging the ability to create and execute a process. | ||||
| CVE-2015-4997 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
| IBM WebSphere Portal 8.5.0 before CF08 allows remote attackers to bypass intended access restrictions via a crafted request. | ||||
| CVE-2015-5005 | 1 Ibm | 2 Aix, Powerha System Mirror | 2025-04-12 | N/A |
| CSPOC in IBM PowerHA SystemMirror on AIX 6.1 and 7.1 allows remote authenticated users to perform an "su root" action by leveraging presence on the cluster-wide password-change list. | ||||
| CVE-2015-5019 | 1 Ibm | 2 Sterling B2b Integrator, Sterling Integrator | 2025-04-12 | N/A |
| IBM Sterling Integrator 5.1 before 5010004_8 and Sterling B2B Integrator 5.2 before 5020500_9 allow remote authenticated users to read or upload files by leveraging a password-change requirement. | ||||
| CVE-2015-5020 | 1 Ibm | 1 Infosphere Biginsights | 2025-04-12 | N/A |
| The Big SQL component in IBM InfoSphere BigInsights 3.0, 3.0.0.1, 3.0.0.2, and 4.0 allows remote authenticated users to bypass intended access restrictions and truncate arbitrary tables via unspecified vectors. | ||||
| CVE-2016-8561 | 1 Siemens | 2 Simatic Cp 1543-1, Simatic Cp 1543-1 Firmware | 2025-04-12 | N/A |
| A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP 1543-1 (All versions < V2.0.28). Users with elevated privileges to TIA-Portal and project data on the engineering station could possibly get privileged access on affected devices. | ||||
| CVE-2015-5051 | 1 Ibm | 9 Maximo Asset Management, Maximo Asset Management Essentials, Maximo For Government and 6 more | 2025-04-12 | N/A |
| IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.2 IF1 and Maximo Asset Management 7.5 before 7.5.0.8 IF6, 7.5.1, and 7.6 before 7.6.0.2 IF1 for SmartCloud Control Desk allow remote authenticated users to bypass intended access restrictions on query results via unspecified vectors. | ||||
| CVE-2015-5090 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-04-12 | N/A |
| Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intended access restrictions and perform a transition from Low Integrity to Medium Integrity via unspecified vectors, a different vulnerability than CVE-2015-4446 and CVE-2015-5106. | ||||
| CVE-2015-5106 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-04-12 | N/A |
| Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intended access restrictions and perform a transition from Low Integrity to Medium Integrity via unspecified vectors, a different vulnerability than CVE-2015-4446 and CVE-2015-5090. | ||||
| CVE-2016-4381 | 1 Hp | 1 Xp7 Command View | 2025-04-12 | N/A |
| HPE XP7 Command View Advanced Edition (CVAE) Suite 6.x through 8.x before 8.4.1-02, when Replication Manager (RepMgr) and Device Manager (DevMgr) are enabled, allows local users to bypass intended access restrictions via unspecified vectors. | ||||
| CVE-2016-4382 | 1 Hp | 1 Performance Center | 2025-04-12 | N/A |
| HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a "remote user validation failure" issue. | ||||
| CVE-2016-4440 | 1 Linux | 1 Linux Kernel | 2025-04-12 | 7.8 High |
| arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service (host OS crash) or possibly execute arbitrary code on the host OS, via x2APIC mode. | ||||
| CVE-2016-4962 | 2 Oracle, Xen | 2 Vm Server, Xen | 2025-04-12 | N/A |
| The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore. | ||||
| CVE-2016-4997 | 6 Canonical, Debian, Linux and 3 more | 14 Ubuntu Linux, Debian Linux, Linux Kernel and 11 more | 2025-04-12 | 7.8 High |
| The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement. | ||||
| CVE-2016-5020 | 1 F5 | 14 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 11 more | 2025-04-12 | N/A |
| F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script. | ||||
| CVE-2016-5087 | 1 Alertus | 1 Alertus Desktop Notification For Os X | 2025-04-12 | N/A |
| Alertus Desktop Notification before 2.9.31.1710 on OS X uses weak permissions for configuration files and unspecified other files, which allows local users to suppress emergency notifications or change content via standard filesystem operations. | ||||
| CVE-2016-5143 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2025-04-12 | N/A |
| The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which allows remote attackers to bypass intended access restrictions via a crafted URL, a different vulnerability than CVE-2016-5144. | ||||
| CVE-2016-5499 | 1 Oracle | 1 Database Server | 2025-04-12 | N/A |
| Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5498. | ||||
| CVE-2016-5572 | 1 Oracle | 1 Database | 2025-04-12 | N/A |
| Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | ||||
| CVE-2016-5647 | 1 Intel | 1 Graphics Driver | 2025-04-12 | N/A |
| The igdkmd64 module in the Intel Graphics Driver through 15.33.42.435, 15.36.x through 15.36.30.4385, and 15.40.x through 15.40.4404 on Windows allows local users to cause a denial of service (crash) or gain privileges via a crafted D3DKMTEscape request. | ||||