| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to gain privileges via manual entry of a Settings URL. |
| The sudoers file in the asset discovery scanner in AlienVault OSSIM before 5.0.1 allows local users to gain privileges via a crafted nmap script. |
| attic before 0.15 does not confirm unencrypted backups with the user, which allows remote attackers with read and write privileges for the encrypted repository to obtain potentially sensitive information by changing the manifest type byte of the repository to "unencrypted / without key file". |
| The NSSCipherSuite option with ciphersuites enabled in mod_nss before 1.0.12 allows remote attackers to bypass application restrictions. |
| Liebert MultiLink Automated Shutdown v4.2.4 allows local users to gain privileges by replacing the LiebertM executable file. |
| ctools 6.x-1.x before 6.x-1.14 and 7.x-1.x before 7.x-1.8 in Drupal does not verify the "edit" permission for the "content type" plugins that are used on Panels and similar systems to place content and functionality on a page. |
| Huawei LogCenter V100R001C10 could allow an authenticated attacker to tamper with requests using a tool and submit a request to the server for privilege escalation, affecting some system functions. |
| click/install.py in click does not require files in package filesystem tarballs to start with ./ (dot slash), which allows remote attackers to install an alternate security policy and gain privileges via a crafted package, as demonstrated by the test.mmrow app for Ubuntu phone. |
| A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel before 4.7.4 allows a user to assign an encryption policy to a directory owned by a different user, potentially creating a denial of service. |
| Synology Photo Station before 6.3-2958 allows local users to gain privileges by leveraging setuid execution of a "synophoto_dsm_user --copy-no-ea" command. |
| In all Android releases from CAF using the Linux kernel, 3rd party TEEs have more privilege than intended. |
| In Phusion Passenger before 5.1.0, a known /tmp filename was used during passenger-install-nginx-module execution, which could allow local attackers to gain the privileges of the passenger user. |
| With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were not properly authenticating requests to advanced settings and the short URL service, any authenticated user could make requests to those services regardless of their own permissions. |
| The Eir D1000 modem does not properly restrict the TR-064 protocol, which allows remote attackers to execute arbitrary commands via TCP port 7547, as demonstrated by opening WAN access to TCP port 80, retrieving the login password (which defaults to the Wi-Fi password), and using the NewNTPServer feature. |
| Android 6.0 has an authentication bypass for attackers with root and physical access. Cryptographic authentication tokens (AuthTokens) used by the Trusted Execution Environment (TEE) are protected by a weak challenge. This allows adversaries to replay previously captured responses and use the TEE without authenticating. All apps using authentication-gated cryptography are vulnerable to this attack, which was confirmed on the LG Nexus 5X. |
| A logged-in user in NetIQ Access Governance Suite 6.0 through 6.4 could escalate privileges to administrator. |
| Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions. |
| IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting room manager to remove the primary managers privileges. IBM X-Force ID: 113804. |
| Cygwin before 2.5.0 does not properly handle updating permissions when changing users, which allows attackers to gain privileges. |
| IBM Security Access Manager for Web 9.0.0 could allow an authenticated user to access some privileged functionality of the server. IBM X-Force ID: 114714. |