Search Results (5672 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-9815 1 Xen 1 Xen 2025-04-20 N/A
Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host panic) by sending an asynchronous abort.
CVE-2015-4594 1 Eclinicalworks 1 Population Health 2025-04-20 N/A
eClinicalWorks Population Health (CCMR) suffers from a session fixation vulnerability. When authenticating a user, the application does not assign a new session ID, making it possible to use an existent session ID.
CVE-2016-8931 1 Ibm 1 Kenexa Lms 2025-04-20 N/A
IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server.
CVE-2016-8932 1 Ibm 1 Kenexa Lms 2025-04-20 N/A
IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server.
CVE-2016-9818 1 Xen 1 Xen 2025-04-20 N/A
Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at HYP.
CVE-2016-9005 1 Ibm 1 System Storage Ts3100-ts3200 Tape Library 2025-04-20 N/A
IBM System Storage TS3100-TS3200 Tape Library could allow an unauthenticated user with access to the company network, to change a user's password and gain remote access to the system.
CVE-2016-9008 1 Ibm 1 Urbancode Deploy 2025-04-20 N/A
IBM UrbanCode Deploy could allow a malicious user to access the Agent Relay ActiveMQ Broker JMX interface and run plugins on the agent.
CVE-2016-9016 1 Firejail Project 1 Firejail 2025-04-20 N/A
Firejail 0.9.38.4 allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.
CVE-2016-2930 1 Ibm 1 Bigfix Remote Control 2025-04-20 N/A
IBM BigFix Remote Control 9.1.3 could allow a remote attacker to perform actions reserved for an administrator without authentication. IBM X-Force ID: 5512.
CVE-2016-2942 1 Ibm 1 Urbancode Deploy 2025-04-20 N/A
IBM UrbanCode Deploy could allow an authenticated attacker with special permissions to craft a script on the server in a way that will cause processes to run on a remote UCD agent machine.
CVE-2016-9468 2 Nextcloud, Owncloud 2 Nextcloud Server, Owncloud 2025-04-20 N/A
Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the dav app. The exception message displayed on the DAV endpoints contained partially user-controllable input leading to a potential misrepresentation of information.
CVE-2017-1002100 1 Kubernetes 1 Kubernetes 2025-04-20 N/A
Default access permissions for Persistent Volumes (PVs) created by the Kubernetes Azure cloud provider in versions 1.6.0 to 1.6.5 are set to "container" which exposes a URI that can be accessed without authentication on the public internet. Access to the URI string requires privileged access to the Kubernetes cluster or authenticated access to the Azure portal.
CVE-2016-8392 1 Linux 1 Linux Kernel 2025-04-20 N/A
An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31385862. References: QC-CR#1073136.
CVE-2016-8394 1 Linux 1 Linux Kernel 2025-04-20 N/A
An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31913197.
CVE-2016-8444 1 Linux 1 Linux Kernel 2025-04-20 N/A
An elevation of privilege vulnerability in the Qualcomm camera could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31243641. References: QC-CR#1074310.
CVE-2015-1976 1 Ibm 2 Security Directory Server, Tivoli Directory Server 2025-04-20 N/A
IBM Security Directory Server could allow an authenticated user to execute commands into the web administration tool that would cause the tool to crash.
CVE-2015-8987 1 Mcafee 1 Agent 2025-04-20 N/A
Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier allows attackers to make a McAfee Agent talk with another, possibly rogue, ePO server via McAfee Agent migration to another ePO server.
CVE-2016-0768 1 Postgresql 1 Postgresql 2025-04-20 N/A
PostgreSQL PL/Java after 9.0 does not honor access controls on large objects.
CVE-2016-9356 1 Moxa 1 Dacenter 2025-04-20 N/A
An issue was discovered in Moxa DACenter Versions 1.4 and older. The application may suffer from an unquoted search path issue.
CVE-2016-6105 1 Ibm 1 Security Key Lifecycle Manager 2025-04-20 N/A
IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 do not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas.