Export limit exceeded: 364922 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (9575 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-1878 1 Thalesesecurity 7 Nshield Connect 1500, Nshield Connect 1500\+, Nshield Connect 500 and 4 more 2025-04-20 N/A
Thales nShield Connect hardware models 500, 1500, 6000, 500+, 1500+, and 6000+ before 11.72 allows physically proximate attackers to sign arbitrary data with previously loaded signing keys, extract the device identification key [KNETI] and impersonate the nShield Connect device on a network, affect the integrity and confidentiality of newly created keys, and potentially cause other unspecified impacts using previously loaded keys by connecting to the USB port on the front panel.
CVE-2016-8468 1 Linux 1 Linux Kernel 2025-04-20 N/A
An elevation of privilege vulnerability in Binder could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.18. Android ID: A-32394425.
CVE-2016-8466 1 Linux 1 Linux Kernel 2025-04-20 N/A
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31822524. References: B-RB#105268.
CVE-2016-8465 1 Linux 1 Linux Kernel 2025-04-20 N/A
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32474971. References: B-RB#106053.
CVE-2016-8464 1 Linux 1 Linux Kernel 2025-04-20 N/A
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-29000183. References: B-RB#106314.
CVE-2016-8467 1 Google 1 Android 2025-04-20 N/A
An elevation of privilege vulnerability in the bootloader could enable a local attacker to execute arbitrary modem commands on the device. This issue is rated as High because it is a local permanent denial of service (device interoperability: completely permanent or requiring re-flashing the entire operating system). Product: Android. Versions: N/A. Android ID: A-30308784.
CVE-2022-38124 1 Secomea 24 Sitemanager 1129, Sitemanager 1129 Firmware, Sitemanager 1139 and 21 more 2025-04-18 5.7 Medium
Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner.
CVE-2022-31707 1 Vmware 1 Vrealize Operations 2025-04-18 7.2 High
vRealize Operations (vROps) contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.
CVE-2023-51435 1 Hihonor 1 Magic Ui 2025-04-17 7.1 High
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.
CVE-2023-23430 1 Hihonor 1 Magichome 2025-04-17 3.3 Low
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
CVE-2022-1746 1 Dominionvoting 2 Democracy Suite, Imagecast X 2025-04-17 7.6 High
The authentication mechanism used by poll workers to administer voting using the tested version of Dominion Voting Systems ImageCast X can expose cryptographic secrets used to protect election information. An attacker could leverage this vulnerability to gain access to sensitive information and perform privileged actions, potentially affecting other election equipment.
CVE-2020-14481 1 Rockwellautomation 1 Factorytalk View 2025-04-17 7.8 High
The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may allow a local, authenticated attacker to decipher user credentials, including the Windows user or Windows DeskLock passwords. If the compromised user has an administrative account, an attacker could gain full access to the user’s operating system and certain components of FactoryTalk View SE.
CVE-2024-21622 1 Craftcms 1 Craft Cms 2025-04-17 5.4 Medium
Craft is a content management system. This is a potential moderate impact, low complexity privilege escalation vulnerability in Craft starting in 3.x prior to 3.9.6 and 4.x prior to 4.4.16 with certain user permissions setups. This has been fixed in Craft 4.4.16 and Craft 3.9.6. Users should ensure they are running at least those versions.
CVE-2022-46327 1 Huawei 2 Emui, Harmonyos 2025-04-17 9.8 Critical
Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause privilege escalation, which results in system service exceptions.
CVE-2022-42046 1 Wfs 1 Heaven Burns Red 2025-04-17 7.8 High
wfshbr64.sys and wfshbr32.sys specially crafted IOCTL allows arbitrary user to perform local privilege escalation
CVE-2024-27710 1 Eskooly 2 Eskooly, Free Online School Management Software 2025-04-16 9.8 Critical
An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the authentication mechanism.
CVE-2022-23921 1 Ge 1 Proficy Cimplicitiy 2025-04-16 7.5 High
Exploitation of this vulnerability may result in local privilege escalation and code execution. GE maintains exploitation of this vulnerability is only possible if the attacker has login access to a machine actively running CIMPLICITY, the CIMPLICITY server is not already running a project, and the server is licensed for multiple projects.
CVE-2020-16238 1 Bbraun 2 Datamodule Compactplus, Spacecom 2025-04-16 6.7 Medium
A vulnerability in the configuration import mechanism of the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers with command line access to the underlying Linux system to escalate privileges to the root user.
CVE-2020-36549 1 Ge 2 Voluson S8, Voluson S8 Firmware 2025-04-16 8.8 High
A vulnerability classified as critical was found in GE Voluson S8. Affected is the underlying Windows XP operating system. Missing patches might introduce an excessive attack surface. Access to the local network is required for this attack to succeed.
CVE-2022-2104 1 Secheron 2 Sepcos Control And Protection Relay, Sepcos Control And Protection Relay Firmware 2025-04-16 9.9 Critical
The www-data (Apache web server) account is configured to run sudo with no password for many commands (including /bin/sh and /bin/bash).