Export limit exceeded: 10807 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10807 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-4989 | 1 Emc | 1 Avamar Server | 2025-04-20 | N/A |
| In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker may potentially bypass the authentication process to gain access to the system maintenance page. This may be exploited by an attacker to view sensitive information, perform software updates, or run maintenance workflows. | ||||
| CVE-2017-5033 | 6 Apple, Debian, Google and 3 more | 10 Macos, Debian Linux, Android and 7 more | 2025-04-20 | 4.3 Medium |
| Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page, related to the unsafe-inline keyword. | ||||
| CVE-2015-9006 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In Resource Power Manager (RPM) in all Android releases from CAF using the Linux kernel, an Improper Access Control vulnerability could potentially exist. | ||||
| CVE-2015-8987 | 1 Mcafee | 1 Agent | 2025-04-20 | N/A |
| Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier allows attackers to make a McAfee Agent talk with another, possibly rogue, ePO server via McAfee Agent migration to another ePO server. | ||||
| CVE-2015-8332 | 1 Huawei | 4 Vcm5010, Vcm5010 Firmware, Vcm5020 and 1 more | 2025-04-20 | N/A |
| Huawei Video Content Management (VCM) before V100R001C10SPC001 does not properly "authenticate online user identities and privileges," which allows remote authenticated users to gain privileges and perform a case operation as another user via a crafted message, aka "Horizontal Privilege Escalation Vulnerability." | ||||
| CVE-2016-6785 | 1 Linux | 1 Linux Kernel | 2025-04-20 | N/A |
| An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31748056. References: MT-ALPS02961400. | ||||
| CVE-2015-8284 | 1 Seawell Networks | 1 Spectrum Sdc | 2025-04-20 | N/A |
| SeaWell Networks Spectrum SDC 02.05.00 allows remote viewer users to perform administrative functions. | ||||
| CVE-2015-8275 | 1 Eparaksts | 2 Edoc-libraries, Eparakstitajs 3 | 2025-04-20 | N/A |
| LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow attackers to write to arbitrary files via crafted EDOC files. | ||||
| CVE-2016-6789 | 1 Linux | 1 Linux Kernel | 2025-04-20 | N/A |
| An elevation of privilege vulnerability in the NVIDIA libomx library (libnvomx) could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.18. Android ID: A-31251973. References: N-CVE-2016-6789. | ||||
| CVE-2015-7895 | 1 Samsung | 2 Galaxy S6, Samsung Mobile | 2025-04-20 | N/A |
| Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). | ||||
| CVE-2017-5152 | 1 Advantech | 1 Webaccess | 2025-04-20 | N/A |
| An issue was discovered in Advantech WebAccess Version 8.1. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access pages unrestricted (AUTHENTICATION BYPASS). | ||||
| CVE-2016-7054 | 1 Openssl | 1 Openssl | 2025-04-20 | N/A |
| In OpenSSL 1.1.0 before 1.1.0c, TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to a DoS attack by corrupting larger payloads. This can result in an OpenSSL crash. This issue is not considered to be exploitable beyond a DoS. | ||||
| CVE-2015-7898 | 1 Samsung | 2 Galaxy S6, Samsung Mobile | 2025-04-20 | N/A |
| Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). | ||||
| CVE-2015-7887 | 1 Netapp | 1 Snapcenter Server | 2025-04-20 | N/A |
| NetApp SnapCenter Server 1.0 allows remote authenticated users to list and delete backups. | ||||
| CVE-2017-5174 | 1 Geutebruck | 2 Ip Camera G-cam Efd-2250, Ip Camera G-cam Efd-2250 Firmware | 2025-04-20 | N/A |
| An Authentication Bypass issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An authentication bypass vulnerability has been identified. The existing file system architecture could allow attackers to bypass the access control that may allow remote code execution. | ||||
| CVE-2016-7408 | 1 Dropbear Ssh Project | 1 Dropbear Ssh | 2025-04-20 | N/A |
| The dbclient in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via a crafted (1) -m or (2) -c argument. | ||||
| CVE-2016-7468 | 1 F5 | 10 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 7 more | 2025-04-20 | N/A |
| An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 - 11.5.4 devices with maliciously crafted network traffic. This vulnerability affects virtual servers associated with TCP profiles when the BIG-IP system's tm.tcpprogressive db variable value is set to non-default setting "enabled". The default value for the tm.tcpprogressive db variable is "negotiate". An attacker may be able to disrupt traffic or cause the BIG-IP system to fail over to another device in the device group. | ||||
| CVE-2017-5791 | 1 Hp | 1 Intelligent Management Center Plat | 2025-04-20 | N/A |
| The doFilter method in UrlAccessController in HPE Intelligent Management Center (iMC) PLAT 7.2 E0403P06 allows remote bypass of authentication via unspecified strings in a URI. | ||||
| CVE-2016-7545 | 3 Fedoraproject, Redhat, Selinux Project | 9 Fedora, Enterprise Linux, Enterprise Linux Desktop and 6 more | 2025-04-20 | N/A |
| SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call. | ||||
| CVE-2017-6016 | 1 Leao Consultoria E Desenvolvimento De Sistemas | 1 Ltda Me Laquis Scada | 2025-04-20 | N/A |
| An Improper Access Control issue was discovered in LCDS - Leao Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA. The following versions are affected: Versions 4.1 and prior versions released before January 20, 2017. An Improper Access Control vulnerability has been identified, which may allow an authenticated user to modify application files to escalate privileges. | ||||