Total
2377 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-9412 | 1 Mybb | 2 Merge System, Mybb | 2017-02-05 | 7.5 HIGH | 9.8 CRITICAL |
| MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow attackers to have unspecified impact via vectors related to low adminsid and sid entropy. | |||||
| CVE-2015-8973 | 1 Mybb | 2 Merge System, Mybb | 2017-02-05 | 7.5 HIGH | 8.3 HIGH |
| xmlhttp.php in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to bypass intended access restrictions via vectors related to the forum password. | |||||
| CVE-2016-9413 | 1 Mybb | 2 Merge System, Mybb | 2017-02-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| The Admin control panel in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | |||||
| CVE-2016-9415 | 2 Microsoft, Mybb | 3 Windows, Merge System, Mybb | 2017-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows allow remote attackers to overwrite arbitrary CSS files via vectors related to "style import." | |||||
| CVE-2016-8227 | 1 Lenovo | 1 Transition | 2017-01-28 | 7.2 HIGH | 7.8 HIGH |
| Privilege escalation vulnerability in Lenovo Transition application used in Lenovo Yoga, Flex and Miix systems running Windows allows local users to execute code with elevated privileges. | |||||
| CVE-2016-7792 | 1 Ubiquiti Networks | 2 Unifi Ap Ac Lite, Unifi Ap Ac Lite Firmware | 2017-01-26 | 8.3 HIGH | 8.8 HIGH |
| Ubiquiti Networks UniFi 5.2.7 does not restrict access to the database, which allows remote attackers to modify the database by directly connecting to it. | |||||
| CVE-2014-8362 | 1 Vivint | 2 Sky Control Panel, Sky Control Panel Firmware | 2017-01-25 | 10.0 HIGH | 9.8 CRITICAL |
| Vivint Sky Control Panel 1.1.1.9926 allows remote attackers to enable and disable the alarm system and modify other security settings via the Web-enabled interface. | |||||
| CVE-2016-8444 | 1 Linux | 1 Linux Kernel | 2017-01-24 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm camera could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31243641. References: QC-CR#1074310. | |||||
| CVE-2016-7794 | 1 Sociomantic | 1 Git-hub | 2017-01-20 | 7.5 HIGH | 9.8 CRITICAL |
| sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to execute arbitrary code via a crafted repository name. | |||||
| CVE-2016-7793 | 1 Sociomantic | 1 Git-hub | 2017-01-20 | 6.8 MEDIUM | 8.8 HIGH |
| sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to execute arbitrary code via a crafted repository URL. | |||||
| CVE-2016-6758 | 1 Linux | 1 Linux Kernel | 2017-01-19 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-30148882. References: QC-CR#1071731. | |||||
| CVE-2016-6759 | 1 Linux | 1 Linux Kernel | 2017-01-19 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-29982686. References: QC-CR#1055766. | |||||
| CVE-2016-6760 | 1 Linux | 1 Linux Kernel | 2017-01-19 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-29617572. References: QC-CR#1055783. | |||||
| CVE-2016-6761 | 1 Linux | 1 Linux Kernel | 2017-01-19 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-29421682. References: QC-CR#1055792. | |||||
| CVE-2016-6768 | 1 Google | 1 Android | 2017-01-19 | 6.8 MEDIUM | 7.8 HIGH |
| A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Framesequence library. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31631842. | |||||
| CVE-2016-6769 | 1 Google | 1 Android | 2017-01-19 | 2.1 LOW | 4.6 MEDIUM |
| An elevation of privilege vulnerability in Smart Lock could enable a local malicious user to access Smart Lock settings without a PIN. This issue is rated as Moderate because it first requires physical access to an unlocked device where Smart Lock was the last settings pane accessed by the user. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1. Android ID: A-29055171. | |||||
| CVE-2016-6770 | 1 Google | 1 Android | 2017-01-19 | 4.3 MEDIUM | 3.3 LOW |
| An elevation of privilege vulnerability in the Framework API could enable a local malicious application to access system functions beyond its access level. This issue is rated as Moderate because it is a local bypass of restrictions on a constrained process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-30202228. | |||||
| CVE-2016-6782 | 1 Linux | 1 Linux Kernel | 2017-01-19 | 9.3 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31224389. References: MT-ALPS02943506. | |||||
| CVE-2016-6781 | 1 Linux | 1 Linux Kernel | 2017-01-19 | 9.3 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31095175. References: MT-ALPS02943455. | |||||
| CVE-2016-6780 | 1 Linux | 1 Linux Kernel | 2017-01-19 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the HTC sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31251496. | |||||