Export limit exceeded: 364922 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9575 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-1878 | 1 Thalesesecurity | 7 Nshield Connect 1500, Nshield Connect 1500\+, Nshield Connect 500 and 4 more | 2025-04-20 | N/A |
| Thales nShield Connect hardware models 500, 1500, 6000, 500+, 1500+, and 6000+ before 11.72 allows physically proximate attackers to sign arbitrary data with previously loaded signing keys, extract the device identification key [KNETI] and impersonate the nShield Connect device on a network, affect the integrity and confidentiality of newly created keys, and potentially cause other unspecified impacts using previously loaded keys by connecting to the USB port on the front panel. | ||||
| CVE-2016-8468 | 1 Linux | 1 Linux Kernel | 2025-04-20 | N/A |
| An elevation of privilege vulnerability in Binder could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.18. Android ID: A-32394425. | ||||
| CVE-2016-8466 | 1 Linux | 1 Linux Kernel | 2025-04-20 | N/A |
| An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31822524. References: B-RB#105268. | ||||
| CVE-2016-8465 | 1 Linux | 1 Linux Kernel | 2025-04-20 | N/A |
| An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32474971. References: B-RB#106053. | ||||
| CVE-2016-8464 | 1 Linux | 1 Linux Kernel | 2025-04-20 | N/A |
| An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-29000183. References: B-RB#106314. | ||||
| CVE-2016-8467 | 1 Google | 1 Android | 2025-04-20 | N/A |
| An elevation of privilege vulnerability in the bootloader could enable a local attacker to execute arbitrary modem commands on the device. This issue is rated as High because it is a local permanent denial of service (device interoperability: completely permanent or requiring re-flashing the entire operating system). Product: Android. Versions: N/A. Android ID: A-30308784. | ||||
| CVE-2022-38124 | 1 Secomea | 24 Sitemanager 1129, Sitemanager 1129 Firmware, Sitemanager 1139 and 21 more | 2025-04-18 | 5.7 Medium |
| Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner. | ||||
| CVE-2022-31707 | 1 Vmware | 1 Vrealize Operations | 2025-04-18 | 7.2 High |
| vRealize Operations (vROps) contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2. | ||||
| CVE-2023-51435 | 1 Hihonor | 1 Magic Ui | 2025-04-17 | 7.1 High |
| Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak. | ||||
| CVE-2023-23430 | 1 Hihonor | 1 Magichome | 2025-04-17 | 3.3 Low |
| Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions. | ||||
| CVE-2022-1746 | 1 Dominionvoting | 2 Democracy Suite, Imagecast X | 2025-04-17 | 7.6 High |
| The authentication mechanism used by poll workers to administer voting using the tested version of Dominion Voting Systems ImageCast X can expose cryptographic secrets used to protect election information. An attacker could leverage this vulnerability to gain access to sensitive information and perform privileged actions, potentially affecting other election equipment. | ||||
| CVE-2020-14481 | 1 Rockwellautomation | 1 Factorytalk View | 2025-04-17 | 7.8 High |
| The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may allow a local, authenticated attacker to decipher user credentials, including the Windows user or Windows DeskLock passwords. If the compromised user has an administrative account, an attacker could gain full access to the user’s operating system and certain components of FactoryTalk View SE. | ||||
| CVE-2024-21622 | 1 Craftcms | 1 Craft Cms | 2025-04-17 | 5.4 Medium |
| Craft is a content management system. This is a potential moderate impact, low complexity privilege escalation vulnerability in Craft starting in 3.x prior to 3.9.6 and 4.x prior to 4.4.16 with certain user permissions setups. This has been fixed in Craft 4.4.16 and Craft 3.9.6. Users should ensure they are running at least those versions. | ||||
| CVE-2022-46327 | 1 Huawei | 2 Emui, Harmonyos | 2025-04-17 | 9.8 Critical |
| Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause privilege escalation, which results in system service exceptions. | ||||
| CVE-2022-42046 | 1 Wfs | 1 Heaven Burns Red | 2025-04-17 | 7.8 High |
| wfshbr64.sys and wfshbr32.sys specially crafted IOCTL allows arbitrary user to perform local privilege escalation | ||||
| CVE-2024-27710 | 1 Eskooly | 2 Eskooly, Free Online School Management Software | 2025-04-16 | 9.8 Critical |
| An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the authentication mechanism. | ||||
| CVE-2022-23921 | 1 Ge | 1 Proficy Cimplicitiy | 2025-04-16 | 7.5 High |
| Exploitation of this vulnerability may result in local privilege escalation and code execution. GE maintains exploitation of this vulnerability is only possible if the attacker has login access to a machine actively running CIMPLICITY, the CIMPLICITY server is not already running a project, and the server is licensed for multiple projects. | ||||
| CVE-2020-16238 | 1 Bbraun | 2 Datamodule Compactplus, Spacecom | 2025-04-16 | 6.7 Medium |
| A vulnerability in the configuration import mechanism of the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers with command line access to the underlying Linux system to escalate privileges to the root user. | ||||
| CVE-2020-36549 | 1 Ge | 2 Voluson S8, Voluson S8 Firmware | 2025-04-16 | 8.8 High |
| A vulnerability classified as critical was found in GE Voluson S8. Affected is the underlying Windows XP operating system. Missing patches might introduce an excessive attack surface. Access to the local network is required for this attack to succeed. | ||||
| CVE-2022-2104 | 1 Secheron | 2 Sepcos Control And Protection Relay, Sepcos Control And Protection Relay Firmware | 2025-04-16 | 9.9 Critical |
| The www-data (Apache web server) account is configured to run sudo with no password for many commands (including /bin/sh and /bin/bash). | ||||