CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (Gain Privilege)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2014-9000 264 Exec Code +Priv 2014-11-20 2014-11-20
6.5
None Remote Low Single system Partial Partial Partial
Mule Enterprise Management Console (MMC) does not properly restrict access to handler/securityService.rpc, which allows remote authenticated users to gain administrator privileges and execute arbitrary code via a crafted request that adds a new user. NOTE: this issue was originally reported for ESB Runtime 3.5.1, but it originates in MMC.
2 CVE-2014-8595 17 DoS +Priv 2014-11-19 2014-11-19
1.9
None Local Medium Not required None None Partial
arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not properly check privileges, which allows local HVM guest users to gain privileges or cause a denial of service (crash) via a crafted (1) CALL, (2) JMP, (3) RETF, (4) LCALL, (5) LJMP, or (6) LRET far branch instruction.
3 CVE-2014-8494 264 +Priv 2014-11-03 2014-11-04
4.6
None Local Low Not required Partial Partial Partial
ESTsoft ALUpdate 8.5.1.0.0 uses weak permissions (Users: Full Control) for the (1) AlUpdate folder and (2) AlUpdate.exe, which allows local users to gain privileges via a Trojan horse file.
4 CVE-2014-8419 +Priv 2014-11-26 2014-11-26
0.0
None ??? ??? ??? ??? ??? ???
Wibu-Systems CodeMeter Runtime before 5.20 uses weak permissions (read and write access for all users) for codemeter.exe, which allows local users to gain privileges via a Trojan horse file.
5 CVE-2014-8418 264 +Priv 2014-11-24 2014-11-25
9.0
None Remote Low Single system Complete Complete Complete
The DB dialplan function in Asterisk Open Source 1.8.x before 1.8.32, 11.x before 11.1.4.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 1.8 before 1.8.28-cert8 and 11.6 before 11.6-cert8 allows remote authenticated users to gain privileges via a call from an external protocol, as demonstrated by the AMI protocol.
6 CVE-2014-8417 264 Exec Code +Priv 2014-11-24 2014-11-25
6.5
None Remote Low Single system Partial Partial Partial
ConfBridge in Asterisk 11.x before 11.14.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 11.6 before 11.6-cert8 allows remote authenticated users to (1) gain privileges via vectors related to an external protocol to the CONFBRIDGE dialplan function or (2) execute arbitrary system commands via a crafted ConfbridgeStartRecord AMI action.
7 CVE-2014-8368 264 Exec Code +Priv 2014-11-25 2014-11-26
9.0
None Remote Low Single system Complete Complete Complete
The web interface in Aruba Networks AirWave before 7.7.14 and 8.x before 8.0.5 allows remote authenticated users to gain privileges and execute arbitrary commands via unspecified vectors.
8 CVE-2014-7989 20 +Priv 2014-11-07 2014-11-18
6.8
Admin Local Low Single system Complete Complete Complete
Cisco Unified Computing System on B-Series blade servers allows local users to gain shell privileges via a crafted (1) ping6 or (2) traceroute6 command, aka Bug ID CSCuq38176.
9 CVE-2014-7826 264 DoS +Priv 2014-11-10 2014-11-10
4.6
User Local Low Not required Partial Partial Partial
kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via a crafted application.
10 CVE-2014-7155 264 DoS +Priv 2014-10-02 2014-11-13
5.8
None Local Network Low Not required Partial Partial Partial
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges via vectors involving an (1) HLT, (2) LGDT, (3) LIDT, or (4) LMSW instruction.
11 CVE-2014-6625 284 +Priv 2014-11-19 2014-11-19
9.0
Admin Remote Low Single system Complete Complete Complete
The Policy Manager in Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows remote authenticated users to gain privileges via unspecified vectors.
12 CVE-2014-6607 255 1 +Priv 2014-10-06 2014-10-07
7.5
None Remote Low Not required Partial Partial Partial
M/Monit 3.3.2 and earlier does not verify the original password before changing passwords, which allows remote attackers to change the password of other users and gain privileges via the fullname and password parameters, a different vulnerability than CVE-2014-6409.
13 CVE-2014-6350 264 +Priv 2014-11-11 2014-11-12
4.3
None Remote Medium Not required None Partial None
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-6349.
14 CVE-2014-6349 264 +Priv 2014-11-11 2014-11-12
4.3
None Remote Medium Not required None Partial None
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-6350.
15 CVE-2014-6322 20 +Priv 2014-11-11 2014-11-12
4.3
None Remote Medium Not required None Partial None
The Windows Audio service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via a crafted web site, as demonstrated by execution of web script in Internet Explorer, aka "Windows Audio Service Vulnerability."
16 CVE-2014-5507 264 1 +Priv 2014-11-03 2014-11-04
7.2
None Local Low Not required Complete Complete Complete
iBackup 10.0.0.32 and earlier uses weak permissions (Everyone: Full Control) for ib_service.exe, which allows local users to gain privileges via a Trojan horse file.
17 CVE-2014-5455 1 +Priv 2014-08-25 2014-08-26
6.9
None Local Medium Not required Complete Complete Complete
Unquoted Windows search path vulnerability in the ptservice service in PrivateTunnel 2.3.8, as bundled in OpenVPN 2.1.28.0 allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder.
18 CVE-2014-5453 264 1 +Priv 2014-08-25 2014-08-26
7.2
None Local Low Not required Complete Complete Complete
Ubisoft Uplay PC before 4.6.1.3217 use weak permissions (Everyone: Full Control) for the program installation directory (%PROGRAMFILES%\Ubisoft Game Launcher), which allows local users to gain privileges via a Trojan horse file.
19 CVE-2014-5430 +Priv 2014-11-07 2014-11-07
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in ABB RobotStudio 5.6x before 5.61.02 and Test Signal Viewer 1.5 allows local users to gain privileges via a Trojan horse DLL that is accessed as a result of incorrect DLL configuration by an optional installation program.
20 CVE-2014-5421 255 +Priv 2014-10-18 2014-10-22
6.8
None Local Low Not required Complete Complete Partial
CareFusion Pyxis SupplyStation 8.1 with hardware test tool 1.0.16 and earlier has a hardcoded database password, which makes it easier for local users to gain privileges by leveraging cabinet access.
21 CVE-2014-5307 119 Overflow +Priv 2014-08-26 2014-08-27
7.2
None Local Low Not required Complete Complete Complete
Heap-based buffer overflow in the PavTPK.sys kernel mode driver of Panda Security 2014 products before hft131306s24_r1 allows local users to gain privileges via a crafted argument to a 0x222008 IOCTL call.
22 CVE-2014-5285 +Priv +Info 2014-09-04 2014-09-05
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the Authentication Module in TIBCO Spotfire Server before 4.5.2, 5.0.x before 5.0.3, 5.5.x before 5.5.2, 6.0.x before 6.0.3, and 6.5.x before 6.5.1 allows remote attackers to gain privileges, and obtain sensitive information or modify data, via unknown vectors.
23 CVE-2014-5263 119 DoS Overflow +Priv Mem. Corr. 2014-08-26 2014-11-18
6.8
None Remote Medium Not required Partial Partial Partial
vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not terminate the list with the VMSTATE_END_OF_LIST macro, which allows attackers to cause a denial of service (out-of-bounds access, infinite loop, and memory corruption) and possibly gain privileges via unspecified vectors.
24 CVE-2014-5207 264 1 DoS +Priv 2014-08-18 2014-11-13
6.0
None Local High Single system Complete Complete Complete
fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, or cause a denial of service (excessive filesystem updating) on systems that had atime disabled via a "mount -o remount" command within a user namespace.
25 CVE-2014-5148 119 DoS Overflow +Priv 2014-10-26 2014-10-30
4.4
None Local Medium Not required Partial Partial Partial
Xen 4.4.x, when running on an ARM system and "handling an unknown system register access from 64-bit userspace," returns to an instruction of the trap handler for kernel space faults instead of an instruction that is associated with faults in 64-bit userspace, which allows local guest users to cause a denial of service (crash) and possibly gain privileges via a crafted process.
26 CVE-2014-4973 20 +Priv 2014-09-23 2014-09-24
6.9
None Local Medium Not required Complete Complete Complete
The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and earlier in ESET Smart Security and ESET Endpoint Security products 5.0 through 7.0 allows local users to gain privileges via a crafted argument to a 0x830020CC IOCTL call.
27 CVE-2014-4971 2 +Priv 2014-07-26 2014-11-13
7.2
None Local Low Not required Complete Complete Complete
Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem.
28 CVE-2014-4943 264 +Priv 2014-07-19 2014-11-13
6.9
None Local Medium Not required Complete Complete Complete
The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket.
29 CVE-2014-4870 20 +Priv 2014-10-07 2014-10-07
7.2
None Local Low Not required Complete Complete Complete
/opt/vyatta/bin/sudo-users/vyatta-clear-dhcp-lease.pl on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 does not properly validate parameters, which allows local users to gain privileges by leveraging the sudo configuration.
30 CVE-2014-4867 264 +Priv 2014-10-10 2014-10-15
6.8
None Local Low Single system Complete Complete Complete
Cryoserver Security Appliance 7.3.x uses weak permissions for /etc/init.d/cryoserver, which allows local users to gain privileges by leveraging access to the support account and running the /bin/cryo-mgmt program.
31 CVE-2014-4833 20 +Priv 2014-10-18 2014-10-22
6.5
None Remote Low Single system Partial Partial Partial
IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 allows remote authenticated users to gain privileges via invalid input.
32 CVE-2014-4699 362 1 DoS +Priv 2014-07-09 2014-08-01
6.9
None Local Medium Not required Complete Complete Complete
The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls.
33 CVE-2014-4685 264 +Priv 2014-07-24 2014-07-25
4.6
None Local Low Not required Partial Partial Partial
Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows local users to gain privileges by leveraging weak system-object access control.
34 CVE-2014-4684 264 +Priv 2014-07-24 2014-07-25
6.0
None Remote Medium Single system Partial Partial Partial
The database server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a request to TCP port 1433.
35 CVE-2014-4683 264 +Priv 2014-07-24 2014-07-25
4.9
None Remote Medium Single system Partial Partial None
The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a (1) HTTP or (2) HTTPS request.
36 CVE-2014-4622 264 +Priv Bypass 2014-09-17 2014-09-17
7.1
None Remote High Single system Complete Complete Complete
EMC Documentum Content Server before 6.7 SP2 P17, 7.0 through P15, and 7.1 before P08 does not properly check authorization for subgroups of privileged groups, which allows remote authenticated sysadmins to gain super-user privileges, and bypass intended restrictions on data access and server actions, via unspecified vectors.
37 CVE-2014-4618 264 +Priv 2014-08-20 2014-09-04
8.5
None Remote Medium Single system Complete Complete Complete
EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07 allows remote authenticated users to gain privileges via a user-created system object.
38 CVE-2014-4444 287 +Priv 2014-10-17 2014-10-31
4.4
None Local Medium Not required Partial Partial Partial
SecurityAgent in Apple OS X before 10.10 does not ensure that a Kerberos ticket is in the cache for the correct user, which allows local users to gain privileges in opportunistic circumstances by leveraging a Fast User Switching login.
39 CVE-2014-4408 119 DoS Overflow +Priv 2014-09-18 2014-10-24
6.9
None Local Medium Not required Complete Complete Complete
The rt_setgate function in the kernel in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (out-of-bounds read and device crash) via a crafted call.
40 CVE-2014-4386 362 +Priv 2014-09-18 2014-09-18
1.9
None Local Medium Not required None Partial None
Race condition in the App Installation feature in Apple iOS before 8 allows local users to gain privileges and install unverified apps by leveraging /tmp write access.
41 CVE-2014-4375 DoS +Priv 2014-09-18 2014-10-24
7.2
None Local Low Not required Complete Complete Complete
Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports.
42 CVE-2014-4124 79 +Priv XSS 2014-10-15 2014-10-31
6.8
User Remote Medium Not required Partial Partial Partial
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-4123.
43 CVE-2014-4123 79 +Priv XSS 2014-10-15 2014-10-31
6.8
User Remote Medium Not required Partial Partial Partial
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," as exploited in the wild in October 2014, a different vulnerability than CVE-2014-4124.
44 CVE-2014-4113 264 1 +Priv 2014-10-15 2014-11-18
7.2
None Local Low Not required Complete Complete Complete
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, as exploited in the wild in October 2014, aka "Win32k.sys Elevation of Privilege Vulnerability."
45 CVE-2014-4076 264 +Priv 2014-11-11 2014-11-12
7.2
None Local Low Not required Complete Complete Complete
Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to (1) tcpip.sys or (2) tcpip6.sys, aka "TCP/IP Elevation of Privilege Vulnerability."
46 CVE-2014-4074 264 +Priv 2014-09-09 2014-09-10
6.8
Admin Local Low Single system Complete Complete Complete
The Task Scheduler in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via an application that schedules a crafted task, aka "Task Scheduler Vulnerability."
47 CVE-2014-4073 264 +Priv 2014-10-15 2014-10-31
10.0
None Remote Low Not required Complete Complete Complete
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 processes unverified data during interaction with the ClickOnce installer, which allows remote attackers to gain privileges via vectors involving Internet Explorer, aka ".NET ClickOnce Elevation of Privilege Vulnerability."
48 CVE-2014-3980 264 +Priv 2014-06-11 2014-06-12
4.6
None Local Low Not required Partial Partial Partial
libfep 0.0.5 before 0.1.0 does not properly use UNIX domain sockets in the abstract namespace, which allows local users to gain privileges via unspecified vectors.
49 CVE-2014-3969 264 +Priv 2014-06-05 2014-06-13
7.4
None Local Network Medium Single system Complete Complete Complete
Xen 4.4.x, when running on an ARM system, does not properly check write permissions on virtual addresses, which allows local guest administrators to gain privileges via unspecified vectors.
50 CVE-2014-3910 94 +Priv 2014-09-05 2014-11-18
4.4
None Local Medium Not required Partial Partial Partial
Emurasoft EmFTP allows local users to gain privileges via a Trojan horse executable file that is launched during an attempt to read a similarly named file that lacks a filename extension.
Total number of vulnerabilities : 3291   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.