Total
1477 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-4767 | 1 Safend | 1 Data Protector Agent | 2020-01-21 | 3.6 LOW | 6.1 MEDIUM |
| An issue exists in Safend Data Protector Agent 3.4.5586.9772 in the securitylayer.log file in the logs.9972 directory, which could let a malicious user decrypt and potentially change the Safend security policies applied to the machine. | |||||
| CVE-2012-4760 | 1 Safend | 1 Data Protector Agent | 2020-01-21 | 7.2 HIGH | 7.8 HIGH |
| A Privilege Escalation vulnerability exists in the SDBagent service in Safend Data Protector Agent 3.4.5586.9772, which could let a local malicious user obtain privileges. | |||||
| CVE-2016-6590 | 1 Symantec | 4 Encryption Desktop, Endpoint Encryption, Ghost Solution Suite and 1 more | 2020-01-21 | 4.4 MEDIUM | 7.8 HIGH |
| A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code. | |||||
| CVE-2020-0635 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-01-17 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists in Microsoft Windows when Windows fails to properly handle certain symbolic links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0644. | |||||
| CVE-2020-6949 | 1 Hashbrowncms | 1 Hashbrown Cms | 2020-01-17 | 6.5 MEDIUM | 8.8 HIGH |
| A privilege escalation issue was discovered in the postUser function in HashBrown CMS through 1.3.3. An editor user can change the password hash of an admin user's account, or otherwise reconfigure that account. | |||||
| CVE-2013-4975 | 1 Hikvision | 2 Ds-2cd7153-e, Ds-2cd7153-e Firmware | 2020-01-14 | 9.0 HIGH | 8.8 HIGH |
| Hikvision DS-2CD7153-E IP Camera has Privilege Escalation | |||||
| CVE-2013-4867 | 1 Ea | 2 Karotz Smart Rabbit, Karotz Smart Rabbit Firmware | 2020-01-13 | 6.2 MEDIUM | 6.3 MEDIUM |
| Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking | |||||
| CVE-2019-19544 | 1 Broadcom | 1 Ca Automic Dollar Universe | 2020-01-12 | 7.2 HIGH | 7.8 HIGH |
| CA Automic Dollar Universe 5.3.3 contains a vulnerability, related to the uxdqmsrv binary being setuid root, that allows local attackers to elevate privileges. This vulnerability was reported to CA several years after CA Automic Dollar Universe 5.3.3 reached End of Life (EOL) status on April 1, 2015. | |||||
| CVE-2012-5663 | 1 Openbsd | 1 Textproc\/isearch | 2020-01-10 | 5.0 MEDIUM | 7.5 HIGH |
| The isearch package (textproc/isearch) before 1.47.01nb1 uses the tempnam() function to create insecure temporary files into a publicly-writable area (/tmp). | |||||
| CVE-2019-19151 | 1 F5 | 16 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 13 more | 2019-12-31 | 2.1 LOW | 5.5 MEDIUM |
| On BIG-IP versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IQ versions 7.0.0, 6.0.0-6.1.0, and 5.0.0-5.4.0, iWorkflow version 2.3.0, and Enterprise Manager version 3.1.1, authenticated users granted TMOS Shell (tmsh) privileges are able access objects on the file system which would normally be disallowed by tmsh restrictions. This allows for authenticated, low privileged attackers to access objects on the file system which would not normally be allowed. | |||||
| CVE-2013-5027 | 1 O-dyn | 1 Collabtive | 2019-12-30 | 7.5 HIGH | 9.8 CRITICAL |
| Collabtive 1.0 has incorrect access control | |||||
| CVE-2019-6685 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2019-12-30 | 4.6 MEDIUM | 7.8 HIGH |
| On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, users with access to edit iRules are able to create iRules which can lead to an elevation of privilege, configuration modification, and arbitrary system command execution. | |||||
| CVE-2012-1104 | 3 Apereo, Debian, Linux | 3 Phpcas, Debian Linux, Linux Kernel | 2019-12-30 | 5.0 MEDIUM | 5.3 MEDIUM |
| A Security Bypass vulnerability exists in the phpCAS 1.2.2 library from the jasig project due to the way proxying of services are managed. | |||||
| CVE-2012-2312 | 1 Redhat | 2 Jboss Application Server, Jboss Enterprise Application Platform | 2019-12-23 | 4.6 MEDIUM | 7.8 HIGH |
| An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated privileges. | |||||
| CVE-2012-2148 | 2 Linux, Redhat | 3 Linux Kernel, Jboss Community Application Server, Jboss Enterprise Web Server | 2019-12-16 | 1.9 LOW | 3.3 LOW |
| An issue exists in the property replacements feature in any descriptor in JBoxx AS 7.1.1 ignores java security policies | |||||
| CVE-2012-1615 | 1 Fedoraproject | 2 Fedora, Sectool | 2019-12-16 | 4.6 MEDIUM | 7.8 HIGH |
| A Privilege Escalation vulnerability exits in Fedoraproject Sectool due to an incorrect DBus file. | |||||
| CVE-2012-4480 | 2 Fedoraproject, Ovirt | 2 Fedora, Mom | 2019-12-13 | 4.6 MEDIUM | 7.8 HIGH |
| mom creates world-writable pid files in /var/run | |||||
| CVE-2013-0293 | 1 Ovirt | 1 Node | 2019-12-13 | 7.2 HIGH | 7.8 HIGH |
| oVirt Node: Lock screen accepts F2 to drop to shell causing privilege escalation | |||||
| CVE-2015-7831 | 1 Cloudera | 1 Cdh | 2019-12-12 | 6.5 MEDIUM | 8.8 HIGH |
| In Cloudera Hue, there is privilege escalation by a read-only user when CDH 5.x brefore 5.4.9 is used. | |||||
| CVE-2018-0728 | 1 Qnap | 2 Helpdesk, Qts | 2019-12-09 | 5.0 MEDIUM | 7.5 HIGH |
| This improper access control vulnerability in Helpdesk allows attackers to access the system logs. To fix the vulnerability, QNAP recommend updating QTS and Helpdesk to their latest versions. | |||||