Search Results (4437 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-9040 1 Google 1 Android 2025-04-20 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in a GERAN API.
CVE-2017-6866 1 Siemens 1 Xhq Server 2025-04-20 N/A
A vulnerability was discovered in Siemens XHQ server 4 and 5 (4 before V4.7.1.3 and 5 before V5.0.0.2) that could allow an authenticated low-privileged remote user to gain read access to data in the XHQ solution exceeding his configured permission level.
CVE-2016-10335 1 Google 1 Android 2025-04-20 N/A
In all Android releases from CAF using the Linux kernel, libtomcrypt was updated.
CVE-2016-10334 1 Google 1 Android 2025-04-20 N/A
In all Android releases from CAF using the Linux kernel, a dynamically-protected DDR region could potentially get overwritten.
CVE-2016-10514 1 Piwigo 1 Piwigo 2025-04-20 N/A
url_check_format in include/functions.inc.php in Piwigo before 2.8.3 allows remote attackers to bypass intended access restrictions via a URL that contains a " character, or a URL beginning with a substring other than the http:// or https:// substring.
CVE-2016-1220 1 Cybozu 1 Garoon 2025-04-20 N/A
Cybozu Garoon before 4.2.2 does not properly restrict access.
CVE-2016-1894 1 Netapp 1 Oncommand Workflow Automation 2025-04-20 N/A
NetApp OnCommand Workflow Automation before 3.1P2 allows remote attackers to bypass authentication via unspecified vectors.
CVE-2015-3163 1 Redhat 1 Beaker 2025-04-20 4.3 Medium
The admin pages for power types and key types in Beaker before 20.1 do not have any access controls, which allows remote authenticated users to modify power types and key types via navigating to $BEAKER/powertypes and $BEAKER/keytypes respectively.
CVE-2014-4707 1 Huawei 6 Campus S7700, Campus S7700 Firmware, Campus S9300 and 3 more 2025-04-20 N/A
Huawei Campus S7700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9300 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300 allow unauthorized users to upgrade the bootrom or bootload software, bypass a Menu protection mechanism, conduct a Menu compromise attack, or bypass a Menu/upgrade protection mechanism.
CVE-2017-8447 1 Elastic 1 X-pack 2025-04-20 N/A
An error was found in the X-Pack Security 5.3.0 to 5.5.2 privilege enforcement. If a user has either 'delete' or 'index' permissions on an index in a cluster, they may be able to issue both delete and index requests against that index.
CVE-2017-8448 1 Elastic 1 X-pack 2025-04-20 N/A
An error was found in the permission model used by X-Pack Alerting 5.0.0 to 5.6.0 whereby users mapped to certain built-in roles could create a watch that results in that user gaining elevated privileges.
CVE-2015-7898 1 Samsung 2 Galaxy S6, Samsung Mobile 2025-04-20 N/A
Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash).
CVE-2016-2930 1 Ibm 1 Bigfix Remote Control 2025-04-20 N/A
IBM BigFix Remote Control 9.1.3 could allow a remote attacker to perform actions reserved for an administrator without authentication. IBM X-Force ID: 5512.
CVE-2016-6085 1 Ibm 1 Bigfix Platform 2025-04-20 N/A
IBM BigFix Platform could allow an attacker on the local network to crash the BES and relay servers.
CVE-2017-9462 3 Debian, Mercurial, Redhat 9 Debian Linux, Mercurial, Enterprise Linux and 6 more 2025-04-20 8.8 High
In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name.
CVE-2016-4850 1 Linecorp 1 Line 2025-04-20 N/A
LINE for Windows before 4.8.3 allows man-in-the-middle attackers to execute arbitrary code.
CVE-2016-4874 1 Cybozu 1 Office 2025-04-20 N/A
Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to conduct a "reflected file download" attack.
CVE-2016-5058 1 Osram 1 Lightify Pro 2025-04-20 N/A
OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay.
CVE-2016-5054 1 Osram 1 Lightify Home 2025-04-20 N/A
OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay.
CVE-2016-10026 1 Ikiwiki 1 Ikiwiki 2025-04-20 N/A
ikiwiki 3.20161219 does not properly check if a revision changes the access permissions for a page on sites with the git and recentchanges plugins and the CGI interface enabled, which allows remote attackers to revert certain changes by leveraging permissions to change the page before the revision was made.