Total
5476 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-9922 | 2 Google, Linux | 2 Android, Linux Kernel | 2025-04-20 | N/A |
| The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c. | ||||
| CVE-2014-9921 | 1 Mcafee | 1 Cloud Analysis And Deconstructive Services | 2025-04-20 | N/A |
| Information disclosure vulnerability in McAfee (now Intel Security) Cloud Analysis and Deconstructive Services (CADS) 1.0.0.3x, 1.0.0.4d and earlier allows remote unauthenticated users to view, add, and remove users via a configuration error. | ||||
| CVE-2014-3222 | 1 Huawei | 1 Espace Meeting | 2025-04-20 | N/A |
| In Huawei eSpace Meeting with software V100R001C03SPC201 and the earlier versions, attackers that obtain the permissions assigned to common users can elevate privileges to access and set specific key resources. | ||||
| CVE-2014-7851 | 2 Ovirt, Redhat | 3 Ovirt, Ovirt-engine, Rhev Manager | 2025-04-20 | N/A |
| oVirt 3.2.2 through 3.5.0 does not invalidate the restapi session after logout from the webadmin, which allows remote authenticated users with knowledge of another user's session data to gain that user's privileges by replacing their session token with that of another user. | ||||
| CVE-2014-7920 | 1 Google | 1 Android | 2025-04-20 | N/A |
| mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7921. | ||||
| CVE-2014-7921 | 1 Google | 1 Android | 2025-04-20 | N/A |
| mediaserver in Android 4.0.3 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7920. | ||||
| CVE-2014-8156 | 5 Debian, Fso-frameworkd Project, Fso-gsmd Project and 2 more | 5 Debian Linux, Fso-frameworkd, Fso-gsmd and 2 more | 2025-04-20 | N/A |
| The D-Bus security policy files in /etc/dbus-1/system.d/*.conf in fso-gsmd 0.12.0-3, fso-frameworkd 0.9.5.9+git20110512-4, and fso-usaged 0.12.0-2 as packaged in Debian, the upstream cornucopia.git (fsoaudiod, fsodatad, fsodeviced, fsogsmd, fsonetworkd, fsotdld, fsousaged) git master on 2015-01-19, the upstream framework.git 0.10.1 and git master on 2015-01-19, phonefsod 0.1+git20121018-1 as packaged in Debian, Ubuntu and potentially other packages, and potentially other fso modules do not properly filter D-Bus message paths, which might allow local users to cause a denial of service (dbus-daemon memory consumption), or execute arbitrary code as root by sending a crafted D-Bus message to any D-Bus system service. | ||||
| CVE-2014-8428 | 1 Barracuda | 1 Load Balancer | 2025-04-20 | N/A |
| Privilege escalation vulnerability in Barracuda Load Balancer 5.0.0.015 via the use of an improperly protected SSH key. | ||||
| CVE-2014-8708 | 1 Pluck-cms | 1 Pluck | 2025-04-20 | N/A |
| Pluck CMS 4.7.2 allows remote attackers to execute arbitrary code via the blog form feature. | ||||
| CVE-2014-9262 | 1 Snapcreek | 1 Duplicator | 2025-04-20 | N/A |
| The Duplicator plugin in Wordpress before 0.5.10 allows remote authenticated users to create and download backup files. | ||||
| CVE-2014-0073 | 1 Apache | 2 Cordova, Cordova In-app-browser | 2025-04-20 | N/A |
| The CDVInAppBrowser class in the Apache Cordova In-App-Browser standalone plugin (org.apache.cordova.inappbrowser) before 0.3.2 for iOS and the In-App-Browser plugin for iOS from Cordova 2.6.0 through 2.9.0 does not properly validate callback identifiers, which allows remote attackers to execute arbitrary JavaScript in the host page and consequently gain privileges via a crafted gap-iab: URI. | ||||
| CVE-2013-7432 | 1 Mapsplugin | 1 Googlemaps | 2025-04-20 | N/A |
| The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to bypass an intended protection mechanism. | ||||
| CVE-2015-3643 | 2 Canonical, Usb-creator Project | 2 Ubuntu Linux, Usb-creator | 2025-04-20 | N/A |
| usb-creator before 0.2.38.3ubuntu0.1 on Ubuntu 12.04 LTS, before 0.2.56.3ubuntu0.1 on Ubuntu 14.04 LTS, before 0.2.62ubuntu0.3 on Ubuntu 14.10, and before 0.2.67ubuntu0.1 on Ubuntu 15.04 allows local users to gain privileges by leveraging a missing call check_polkit for the KVMTest method. | ||||
| CVE-2016-10156 | 1 Systemd Project | 1 Systemd | 2025-04-20 | N/A |
| A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local attackers to escalate their privileges to root. This is fixed in v229. | ||||
| CVE-2016-10013 | 1 Xen | 1 Xen | 2025-04-20 | N/A |
| Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation. | ||||
| CVE-2016-10117 | 1 Firejail Project | 1 Firejail | 2025-04-20 | N/A |
| Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc. | ||||
| CVE-2016-1883 | 1 Freebsd | 1 Freebsd | 2025-04-20 | N/A |
| The issetugid system call in the Linux compatibility layer in FreeBSD 9.3, 10.1, and 10.2 allows local users to gain privilege via unspecified vectors. | ||||
| CVE-2016-10275 | 1 Google | 1 Android | 2025-04-20 | N/A |
| An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-34514954. References: QC-CR#1009111. | ||||
| CVE-2016-10283 | 1 Linux | 1 Linux Kernel | 2025-04-20 | N/A |
| An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32094986. References: QC-CR#2002052. | ||||
| CVE-2016-10289 | 1 Linux | 1 Linux Kernel | 2025-04-20 | N/A |
| An elevation of privilege vulnerability in the Qualcomm crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33899710. References: QC-CR#1116295. | ||||