Total
5476 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-4896 | 1 Setucocms Project | 1 Setucocms | 2025-04-20 | N/A |
| SetsucoCMS all versions does not properly manage sessions, which allows remote attackers to disclose or alter unauthorized information via unspecified vectors. | ||||
| CVE-2016-4043 | 1 Plone | 1 Plone | 2025-04-20 | N/A |
| Chameleon (five.pt) in Plone 5.0rc1 through 5.1a1 allows remote authenticated users to bypass Restricted Python by leveraging permissions to create or edit templates. | ||||
| CVE-2016-4041 | 1 Plone | 1 Plone | 2025-04-20 | N/A |
| Plone 4.0 through 5.1a1 does not have security declarations for Dexterity content-related WebDAV requests, which allows remote attackers to gain webdav access via unspecified vectors. | ||||
| CVE-2016-3998 | 1 Netapp | 1 Altavault | 2025-04-20 | N/A |
| NetApp AltaVault 4.1 and earlier allows man-in-the-middle attackers to obtain sensitive information, gain privileges, or cause a denial of service via vectors related to the SMB protocol. | ||||
| CVE-2016-3114 | 1 Kallithea | 1 Kallithea | 2025-04-20 | N/A |
| Kallithea before 0.3.2 allows remote authenticated users to edit or delete open pull requests or delete comments by leveraging read access. | ||||
| CVE-2016-3067 | 1 Cygwin | 1 Cygwin | 2025-04-20 | N/A |
| Cygwin before 2.5.0 does not properly handle updating permissions when changing users, which allows attackers to gain privileges. | ||||
| CVE-2016-3053 | 1 Ibm | 1 Aix | 2025-04-20 | N/A |
| IBM AIX contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. | ||||
| CVE-2016-2779 | 1 Kernel | 1 Util-linux | 2025-04-20 | N/A |
| runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. | ||||
| CVE-2016-1880 | 1 Freebsd | 1 Freebsd | 2025-04-20 | N/A |
| The Linux compatibility layer in the kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to read portions of kernel memory and potentially gain privilege via unspecified vectors, related to "handling of Linux futex robust lists." | ||||
| CVE-2016-1876 | 1 Lenovo | 1 Solution Center | 2025-04-20 | N/A |
| The backend service process in Lenovo Solution Center (aka LSC) before 3.3.0002 allows local users to gain SYSTEM privileges via unspecified vectors. | ||||
| CVE-2016-4340 | 1 Gitlab | 1 Gitlab | 2025-04-20 | N/A |
| The impersonate feature in Gitlab 8.7.0, 8.6.0 through 8.6.7, 8.5.0 through 8.5.11, 8.4.0 through 8.4.9, 8.3.0 through 8.3.8, and 8.2.0 through 8.2.4 allows remote authenticated users to "log in" as any other user via unspecified vectors. | ||||
| CVE-2016-6079 | 1 Ibm | 2 Aix, Vios | 2025-04-20 | N/A |
| IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM APARs: IV88658, IV87981, IV88419, IV87640, IV88053. | ||||
| CVE-2016-10323 | 1 Synology | 1 Photo Station | 2025-04-20 | N/A |
| Synology Photo Station before 6.3-2958 allows local users to gain privileges by leveraging setuid execution of a "synophoto_dsm_user --copy-no-ea" command. | ||||
| CVE-2016-10318 | 1 Linux | 1 Linux Kernel | 2025-04-20 | N/A |
| A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel before 4.7.4 allows a user to assign an encryption policy to a directory owned by a different user, potentially creating a denial of service. | ||||
| CVE-2016-10225 | 1 Allwinner | 4 A83t, H3, H8 and 1 more | 2025-04-20 | 7.8 High |
| The sunxi-debug driver in Allwinner 3.4 legacy kernel for H3, A83T and H8 devices allows local users to gain root privileges by sending "rootmydevice" to /proc/sunxi_debug/sunxi_debug. | ||||
| CVE-2016-10187 | 1 Calibre-ebook | 1 Calibre | 2025-04-20 | N/A |
| The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript. | ||||
| CVE-2016-10123 | 1 Firejail Project | 1 Firejail | 2025-04-20 | N/A |
| Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges. | ||||
| CVE-2016-10122 | 1 Firejail Project | 1 Firejail | 2025-04-20 | N/A |
| Firejail does not properly clean environment variables, which allows local users to gain privileges. | ||||
| CVE-2016-10121 | 1 Firejail Project | 1 Firejail | 2025-04-20 | N/A |
| Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges. | ||||
| CVE-2016-10120 | 1 Firejail Project | 1 Firejail | 2025-04-20 | N/A |
| Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3) /var/tmp, or (4) /var/lock, which allows local users to gain privileges. | ||||