Vulnerabilities (CVE)

Filtered by CWE-264
Total 5442 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-0337 1 F5 1 Nginx 2021-11-10 7.5 HIGH N/A
The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the (1) access.log and (2) error.log files, which allows local users to obtain sensitive information by reading the files.
CVE-2017-3832 1 Cisco 2 Wireless Lan Controller, Wireless Lan Controller Firmware 2021-11-08 7.8 HIGH 7.5 HIGH
A vulnerability in the web management interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a missing internal handler for the specific request. An attacker could exploit this vulnerability by accessing a specific hidden URL on the GUI web management interface. A successful exploit could allow the attacker to cause a reload of the device, resulting in a DoS condition. This vulnerability affects only the Cisco Wireless LAN Controller 8.3.102.0 release. Cisco Bug IDs: CSCvb48198.
CVE-2020-11933 1 Canonical 2 Snapd, Ubuntu Linux 2021-11-04 4.6 MEDIUM 6.8 MEDIUM
cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. This issue did not affect traditional Ubuntu systems. Fixed in snapd version 2.45.2, revision 8539 and core version 2.45.2, revision 9659.
CVE-2019-19107 2 Abb, Busch-jaeger 4 Tg\/s3.2, Tg\/s3.2 Firmware, 6186\/11 and 1 more 2021-11-03 2.1 LOW 5.5 MEDIUM
The Configuration pages in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway for user profiles and services transfer the password in plaintext (although hidden when displayed).
CVE-2019-17326 1 Clipsoft 1 Rexpert 2021-11-03 4.3 MEDIUM 6.5 MEDIUM
ClipSoft REXPERT 1.0.0.527 and earlier version allows remote attacker to arbitrary file deletion by issuing a HTTP GET request with a specially crafted parameter. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.
CVE-2019-17322 1 Clipsoft 1 Rexpert 2021-11-03 4.3 MEDIUM 6.5 MEDIUM
ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file creation via a POST request with the parameter set to the file path to be written. This can be an executable file that is written to in the arbitrary directory. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.
CVE-2019-15960 1 Cisco 1 Webex Meetings 2021-11-02 6.5 MEDIUM 5.4 MEDIUM
A vulnerability in the Webex Network Recording Admin page of Cisco Webex Meetings could allow an authenticated, remote attacker to elevate privileges in the context of the affected page. To exploit this vulnerability, the attacker must be logged in as a low-level administrator. The vulnerability is due to insufficient access control validation. An attacker could exploit this vulnerability by submitting a crafted URL request to gain privileged access in the context of the affected page. A successful exploit could allow the attacker to elevate privileges in the Webex Recording Admin page, which could allow them to view or delete recordings that they would not normally be able to access.
CVE-2019-11773 1 Eclipse 1 Omr 2021-10-28 4.4 MEDIUM 7.8 HIGH
Prior to 0.1, AIX builds of Eclipse OMR contain unused RPATHs which may facilitate code injection and privilege elevation by local users.
CVE-2020-3208 1 Cisco 5 1120, 1240, 809 and 2 more 2021-10-26 7.2 HIGH 6.7 MEDIUM
A vulnerability in the image verification feature of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) could allow an authenticated, local attacker to boot a malicious software image on an affected device. The vulnerability is due to insufficient access restrictions on the area of code that manages the image verification feature. An attacker could exploit this vulnerability by first authenticating to the targeted device and then logging in to the Virtual Device Server (VDS) of an affected device. The attacker could then, from the VDS shell, disable Cisco IOS Software integrity (image) verification. A successful exploit could allow the attacker to boot a malicious Cisco IOS Software image on the targeted device. To exploit this vulnerability, the attacker must have valid user credentials at privilege level 15.
CVE-2020-3215 1 Cisco 1 Ios Xe 2021-10-19 7.2 HIGH 6.7 MEDIUM
A vulnerability in the Virtual Services Container of Cisco IOS XE Software could allow an authenticated, local attacker to gain root-level privileges on an affected device. The vulnerability is due to insufficient validation of a user-supplied open virtual appliance (OVA). An attacker could exploit this vulnerability by installing a malicious OVA on an affected device.
CVE-2020-3213 1 Cisco 1 Ios Xe 2021-10-19 7.2 HIGH 6.7 MEDIUM
A vulnerability in the ROMMON of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to those of the root user of the underlying operating system. The vulnerability is due to the ROMMON allowing for special parameters to be passed to the device at initial boot up. An attacker could exploit this vulnerability by sending parameters to the device at initial boot up. An exploit could allow the attacker to elevate from a Priv15 user to the root user and execute arbitrary commands with the privileges of the root user.
CVE-2021-25482 1 Google 1 Android 2021-10-13 3.6 LOW 4.4 MEDIUM
SQL injection vulnerabilities in CMFA framework prior to SMR Oct-2021 Release 1 allow untrusted application to overwrite some CMFA framework information.
CVE-2021-28497 1 Arista 2 7130, Metamako Operating System 2021-09-22 4.6 MEDIUM 7.8 HIGH
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, the bash shell might be accessible to unprivileged users in situations where they should not have access. This issue affects: Arista Metamako Operating System All releases in the MOS-0.1x train MOS-0.26.6 and below releases in the MOS-0.2x train MOS-0.31.1 and below releases in the MOS-0.3x train
CVE-2019-19100 1 Br-automation 1 Automation Studio 2021-09-14 3.6 LOW 7.1 HIGH
A privilege escalation vulnerability in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, < 4.3.11SP, < 4.4.9SP, < 4.5.4SP, <. 4.6.3SP, < 4.7.2 and < 4.8.1 allow authenticated users to delete arbitrary files via an exposed interface.
CVE-2019-19106 2 Abb, Busch-jaeger 4 Tg\/s3.2, Tg\/s3.2 Firmware, 6186\/11 and 1 more 2021-09-14 6.4 MEDIUM 9.1 CRITICAL
Improper implementation of Access Control in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows an unauthorized user to access data marked as restricted, such as viewing or editing user profiles and application settings.
CVE-2012-1248 1 Basercms 1 Basercms 2021-09-14 5.1 MEDIUM N/A
app/config/core.php in baserCMS 1.6.15 and earlier does not properly handle installations in shared-hosting environments, which allows remote attackers to hijack sessions by leveraging administrative access to a different domain.
CVE-2014-5070 1 Microsemi 2 S350i, S350i Firmware 2021-09-13 6.5 MEDIUM 8.8 HIGH
Symmetricom s350i 2.70.15 allows remote authenticated users to gain privileges via vectors related to pushing unauthenticated users to the login page.
CVE-2015-2889 1 Summerinfant 2 Baby Zoom Wifi Monitor, Baby Zoom Wifi Monitor Firmware 2021-09-10 6.5 MEDIUM 8.8 HIGH
Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to gain privileges via manual entry of a Settings URL.
CVE-2016-6268 1 Trendmicro 1 Smart Protection Server 2021-09-09 7.2 HIGH 7.8 HIGH
Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows local webserv users to execute arbitrary code with root privileges via a Trojan horse .war file in the Solr webapps directory.
CVE-2014-8421 2 Atos, Unify 8 Openscape Desk Phone Ip 35g, Openscape Desk Phone Ip 35g Eco, Openscape Desk Phone Ip 55g and 5 more 2021-09-09 8.5 HIGH 7.5 HIGH
Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow remote attackers to gain super-user privileges by leveraging SSH access and incorrect ownership of (1) ConfigureCoreFile.sh, (2) Traceroute.sh, (3) apps.sh, (4) conversion_java2native.sh, (5) coreCompression.sh, (6) deletePasswd.sh, (7) findHealthSvcFDs.sh, (8) fw_printenv.sh, (9) fw_setenv.sh, (10) hw_wd_kicker.sh, (11) new_rootfs.sh, (12) opera_killSnmpd.sh, (13) opera_startSnmpd.sh, (14) rebootOperaSoftware.sh, (15) removeLogFiles.sh, (16) runOperaServices.sh, (17) setPasswd.sh, (18) startAccTestSvcs.sh, (19) usbNotification.sh, or (20) appWeb in /Opera_Deploy.