Total
1799 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-4975 | 1 Hikvision | 2 Ds-2cd7153-e, Ds-2cd7153-e Firmware | 2020-01-14 | 9.0 HIGH | 8.8 HIGH |
| Hikvision DS-2CD7153-E IP Camera has Privilege Escalation | |||||
| CVE-2013-4867 | 1 Ea | 2 Karotz Smart Rabbit, Karotz Smart Rabbit Firmware | 2020-01-13 | 6.2 MEDIUM | 6.3 MEDIUM |
| Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking | |||||
| CVE-2019-19544 | 1 Broadcom | 1 Ca Automic Dollar Universe | 2020-01-12 | 7.2 HIGH | 7.8 HIGH |
| CA Automic Dollar Universe 5.3.3 contains a vulnerability, related to the uxdqmsrv binary being setuid root, that allows local attackers to elevate privileges. This vulnerability was reported to CA several years after CA Automic Dollar Universe 5.3.3 reached End of Life (EOL) status on April 1, 2015. | |||||
| CVE-2012-5663 | 1 Openbsd | 1 Textproc\/isearch | 2020-01-10 | 5.0 MEDIUM | 7.5 HIGH |
| The isearch package (textproc/isearch) before 1.47.01nb1 uses the tempnam() function to create insecure temporary files into a publicly-writable area (/tmp). | |||||
| CVE-2019-19151 | 1 F5 | 16 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 13 more | 2019-12-31 | 2.1 LOW | 5.5 MEDIUM |
| On BIG-IP versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IQ versions 7.0.0, 6.0.0-6.1.0, and 5.0.0-5.4.0, iWorkflow version 2.3.0, and Enterprise Manager version 3.1.1, authenticated users granted TMOS Shell (tmsh) privileges are able access objects on the file system which would normally be disallowed by tmsh restrictions. This allows for authenticated, low privileged attackers to access objects on the file system which would not normally be allowed. | |||||
| CVE-2013-5027 | 1 O-dyn | 1 Collabtive | 2019-12-30 | 7.5 HIGH | 9.8 CRITICAL |
| Collabtive 1.0 has incorrect access control | |||||
| CVE-2019-6685 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2019-12-30 | 4.6 MEDIUM | 7.8 HIGH |
| On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, users with access to edit iRules are able to create iRules which can lead to an elevation of privilege, configuration modification, and arbitrary system command execution. | |||||
| CVE-2012-1104 | 3 Apereo, Debian, Linux | 3 Phpcas, Debian Linux, Linux Kernel | 2019-12-30 | 5.0 MEDIUM | 5.3 MEDIUM |
| A Security Bypass vulnerability exists in the phpCAS 1.2.2 library from the jasig project due to the way proxying of services are managed. | |||||
| CVE-2012-2312 | 1 Redhat | 2 Jboss Application Server, Jboss Enterprise Application Platform | 2019-12-23 | 4.6 MEDIUM | 7.8 HIGH |
| An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated privileges. | |||||
| CVE-2012-2148 | 2 Linux, Redhat | 3 Linux Kernel, Jboss Community Application Server, Jboss Enterprise Web Server | 2019-12-16 | 1.9 LOW | 3.3 LOW |
| An issue exists in the property replacements feature in any descriptor in JBoxx AS 7.1.1 ignores java security policies | |||||
| CVE-2012-1615 | 1 Fedoraproject | 2 Fedora, Sectool | 2019-12-16 | 4.6 MEDIUM | 7.8 HIGH |
| A Privilege Escalation vulnerability exits in Fedoraproject Sectool due to an incorrect DBus file. | |||||
| CVE-2012-4480 | 2 Fedoraproject, Ovirt | 2 Fedora, Mom | 2019-12-13 | 4.6 MEDIUM | 7.8 HIGH |
| mom creates world-writable pid files in /var/run | |||||
| CVE-2013-0293 | 1 Ovirt | 1 Node | 2019-12-13 | 7.2 HIGH | 7.8 HIGH |
| oVirt Node: Lock screen accepts F2 to drop to shell causing privilege escalation | |||||
| CVE-2015-7831 | 1 Cloudera | 1 Cdh | 2019-12-12 | 6.5 MEDIUM | 8.8 HIGH |
| In Cloudera Hue, there is privilege escalation by a read-only user when CDH 5.x brefore 5.4.9 is used. | |||||
| CVE-2018-0728 | 1 Qnap | 2 Helpdesk, Qts | 2019-12-09 | 5.0 MEDIUM | 7.5 HIGH |
| This improper access control vulnerability in Helpdesk allows attackers to access the system logs. To fix the vulnerability, QNAP recommend updating QTS and Helpdesk to their latest versions. | |||||
| CVE-2019-2225 | 1 Google | 1 Android | 2019-12-09 | 5.8 MEDIUM | 8.8 HIGH |
| When pairing with a Bluetooth device, it may be possible to pair a malicious device without any confirmation from the user, and that device may be able to interact with the phone. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-110433804 | |||||
| CVE-2019-19014 | 1 Titanhq | 1 Webtitan | 2019-12-06 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered in TitanHQ WebTitan before 5.18. It has a sudoers file that enables low-privilege users to execute a vast number of commands as root, including mv, chown, and chmod. This can be trivially exploited to gain root privileges by an attacker with access. | |||||
| CVE-2017-7399 | 1 Cloudera | 1 Cloudera Manager | 2019-12-04 | 6.5 MEDIUM | 8.8 HIGH |
| Cloudera Manager 5.8.x before 5.8.5, 5.9.x before 5.9.2, and 5.10.x before 5.10.1 allows a read-only Cloudera Manager user to discover the usernames of other users and elevate the privileges of those users. | |||||
| CVE-2019-3466 | 3 Canonical, Debian, Postgresql | 3 Ubuntu Linux, Debian Linux, Postgresql-common | 2019-12-03 | 7.2 HIGH | 7.8 HIGH |
| The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation. | |||||
| CVE-2011-3349 | 1 Lightdm Project | 1 Lightdm | 2019-12-03 | 7.2 HIGH | 7.8 HIGH |
| lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are in user controlled folders. A local user can overwrite root-owned files via a symlink, which can allow possible privilege escalation. | |||||