Total
5226 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-1610 | 1 Opendaylight | 1 L2switch | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
hosttracker in OpenDaylight l2switch allows remote attackers to change the host location information by spoofing the MAC address, aka "topology spoofing." | |||||
CVE-2014-0229 | 2 Apache, Cloudera | 2 Hadoop, Cdh | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
Apache Hadoop 0.23.x before 0.23.11 and 2.x before 2.4.1, as used in Cloudera CDH 5.0.x before 5.0.2, do not check authorization for the (1) refreshNamenodes, (2) deleteBlockPool, and (3) shutdownDatanode HDFS admin commands, which allows remote authenticated users to cause a denial of service (DataNodes shutdown) or perform unnecessary operations by issuing a command. | |||||
CVE-2016-5856 | 2 Google, Linux | 2 Android, Linux Kernel | 2024-02-28 | 7.6 HIGH | 7.0 HIGH |
Drivers/soc/qcom/spcom.c in the Qualcomm SPCom driver in the Android kernel 2017-03-05 allows local users to gain privileges, a different vulnerability than CVE-2016-5857. | |||||
CVE-2016-8431 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32402179. References: N-CVE-2016-8431. | |||||
CVE-2016-10286 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 7.6 HIGH | 7.0 HIGH |
An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-35400904. References: QC-CR#1090237. | |||||
CVE-2016-8426 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31799206. References: N-CVE-2016-8426. | |||||
CVE-2016-6028 | 1 Ibm | 1 Rational Collaborative Lifecycle Management | 2024-02-28 | 4.0 MEDIUM | 4.3 MEDIUM |
IBM Jazz technology based products might allow an attacker to view work item titles that they do not have privilege to view. | |||||
CVE-2016-6740 | 1 Google | 1 Android | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability in the Qualcomm camera driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-30143904. References: Qualcomm QC-CR#1056307. | |||||
CVE-2016-8585 | 1 Trendmicro | 1 Threat Discovery Appliance | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
admin_sys_time.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the timezone parameter. | |||||
CVE-2016-8467 | 1 Google | 1 Android | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
An elevation of privilege vulnerability in the bootloader could enable a local attacker to execute arbitrary modem commands on the device. This issue is rated as High because it is a local permanent denial of service (device interoperability: completely permanent or requiring re-flashing the entire operating system). Product: Android. Versions: N/A. Android ID: A-30308784. | |||||
CVE-2016-6811 | 1 Apache | 1 Hadoop | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
In Apache Hadoop 2.x before 2.7.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user. | |||||
CVE-2016-8422 | 1 Google | 1 Android | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-31471220. References: QC-CR#979426. | |||||
CVE-2016-8454 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 7.6 HIGH | 7.0 HIGH |
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32174590. References: B-RB#107142. | |||||
CVE-2016-6526 | 1 Samsung | 1 Samsung Mobile | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
The SpamCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object. | |||||
CVE-2016-8417 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 7.6 HIGH | 7.0 HIGH |
An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32342399. References: QC-CR#1088824. | |||||
CVE-2016-6299 | 2 Fedoraproject, Mock Project | 2 Fedora, Scm Plugin | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file. | |||||
CVE-2016-6705 | 1 Google | 1 Android | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability in Mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Android ID: A-30907212. | |||||
CVE-2016-7613 | 1 Apple | 4 Iphone Os, Mac Os X, Safari and 1 more | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages object-lifetime mishandling during process spawning. | |||||
CVE-2016-7249 | 1 Microsoft | 1 Sql Server | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
Microsoft SQL Server 2016 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS Engine Elevation of Privilege Vulnerability." | |||||
CVE-2016-8363 | 1 Moxa | 28 Awk-1121, Awk-1121 Firmware, Awk-1127 and 25 more | 2024-02-28 | 7.5 HIGH | 10.0 CRITICAL |
An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RTG Series, AWK-3131-M12-RCC Series, AWK-5232-M12-RCC Series, TAP-6226 Series, AWK-3121/4121 Series, AWK-3131/4131 Series, and AWK-5222/6222 Series. User is able to execute arbitrary OS commands on the server. |