CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (Gain Privilege)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2016-7093 264 +Priv 2016-09-21 2016-09-21
7.2
None Local Low Not required Complete Complete Complete
Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation during emulation.
2 CVE-2016-7092 264 +Priv 2016-09-21 2016-09-22
6.8
None Local Low Single system Complete Complete Complete
The get_page_from_l3e function in arch/x86/mm.c in Xen allows local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables.
3 CVE-2016-7089 264 Exec Code +Priv 2016-08-24 2016-08-25
7.2
None Local Low Not required Complete Complete Complete
WatchGuard RapidStream appliances allow local users to gain privileges and execute arbitrary commands via a crafted ifconfig command, aka ESCALATEPLOWMAN.
4 CVE-2016-6516 119 DoS Overflow +Priv 2016-08-06 2016-08-10
4.4
None Local Medium Not required Partial Partial Partial
Race condition in the ioctl_file_dedupe_range function in fs/ioctl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (heap-based buffer overflow) or possibly gain privileges by changing a certain count value, aka a "double fetch" vulnerability.
5 CVE-2016-6486 264 +Priv 2016-08-07 2016-08-10
7.2
None Local Low Not required Complete Complete Complete
Siemens SINEMA Server uses weak permissions for the application folder, which allows local users to gain privileges via unspecified vectors.
6 CVE-2016-6369 264 +Priv 2016-08-25 2016-08-26
7.2
None Local Low Not required Complete Complete Complete
Cisco AnyConnect Secure Mobility Client before 4.2.05015 and 4.3.x before 4.3.02039 mishandles pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCuz92464.
7 CVE-2016-6367 +Priv 2016-08-18 2016-08-25
6.8
None Local Low Single system Complete Complete Complete
Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA.
8 CVE-2016-6362 264 +Priv 2016-08-22 2016-08-22
7.2
None Local Low Not required Complete Complete Complete
Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.110.0, 8.2.12x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow local users to gain privileges via crafted CLI parameters, aka Bug ID CSCuz24725.
9 CVE-2016-6318 119 DoS Overflow +Priv 2016-09-07 2016-09-08
7.2
None Local Low Not required Complete Complete Complete
Stack-based buffer overflow in the FascistGecosUser function in lib/fascist.c in cracklib allows local users to cause a denial of service (application crash) or gain privileges via a long GECOS field, involving longbuffer.
10 CVE-2016-6258 284 +Priv 2016-08-02 2016-09-09
7.2
User Local Low Not required Complete Complete Complete
The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries.
11 CVE-2016-6211 264 +Priv 2016-09-09 2016-09-09
6.5
None Remote Low Single system Partial Partial Partial
The User module in Drupal 7.x before 7.44 allows remote authenticated users to gain privileges via vectors involving contributed or custom code that triggers a rebuild of the user profile form.
12 CVE-2016-6193 264 DoS Overflow +Priv 2016-08-02 2016-08-03
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6192.
13 CVE-2016-6192 264 DoS Overflow +Priv 2016-08-02 2016-08-03
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6193.
14 CVE-2016-6187 119 Overflow +Priv 2016-08-06 2016-08-11
7.2
None Local Low Not required Complete Complete Complete
The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 4.6.5 does not validate the buffer size, which allows local users to gain privileges by triggering an AppArmor setprocattr hook.
15 CVE-2016-6184 284 DoS +Priv 2016-09-07 2016-09-08
6.9
None Local Medium Not required Complete Complete Complete
The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6180, CVE-2016-6181, CVE-2016-6182, and CVE-2016-6183.
16 CVE-2016-6183 284 DoS +Priv 2016-09-07 2016-09-08
6.9
None Local Medium Not required Complete Complete Complete
The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6180, CVE-2016-6181, CVE-2016-6182, and CVE-2016-6184.
17 CVE-2016-6182 284 DoS +Priv 2016-09-07 2016-09-08
9.3
None Remote Medium Not required Complete Complete Complete
The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6180, CVE-2016-6181, CVE-2016-6183, and CVE-2016-6184.
18 CVE-2016-6181 284 DoS +Priv 2016-09-07 2016-09-08
6.9
None Local Medium Not required Complete Complete Complete
The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6180, CVE-2016-6182, CVE-2016-6183, and CVE-2016-6184.
19 CVE-2016-6180 284 DoS +Priv 2016-09-07 2016-09-08
6.9
None Local Medium Not required Complete Complete Complete
The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6181, CVE-2016-6182, CVE-2016-6183, and CVE-2016-6184.
20 CVE-2016-6179 284 DoS +Priv 2016-09-07 2016-09-15
6.9
None Local Medium Not required Complete Complete Complete
The WiFi driver in Huawei Honor 6 smartphones with software H60-L01 before H60-L01C00B850, H60-L11 before H60-L11C00B850, H60-L21 before H60-L21C00B850, H60-L02 before H60-L02C00B850, H60-L12 before H60-L12C00B850, and H60-L03 before H60-L03C01B850 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application.
21 CVE-2016-5847 264 +Priv 2016-08-12 2016-08-17
4.4
None Local Medium Not required Partial Partial Partial
SAP SAPCAR allows local users to change the permissions of arbitrary files and consequently gain privileges via a hard link attack on files extracted from an archive, possibly related to SAP Security Note 2327384.
22 CVE-2016-5821 264 +Priv 2016-07-13 2016-07-14
7.2
None Local Low Not required Complete Complete Complete
Huawei HiSuite before 4.0.4.204_ove (Out of China) and before 4.0.4.301 (China) use a weak ACL (FILE_WRITE_DATA for BUILTIN\Users) for the HiSuite service directory, which allows local users to gain SYSTEM privileges via a Trojan horse (1) SspiCli.dll or (2) USERENV.dll file or possibly other unspecified DLL files.
23 CVE-2016-5723 264 +Priv 2016-06-24 2016-06-27
7.2
Admin Local Low Not required Complete Complete Complete
Huawei FusionInsight HD before V100R002C60SPC200 allows local users to gain root privileges via unspecified vectors.
24 CVE-2016-5662 +Priv 2016-08-26 2016-08-29
7.2
None Local Low Not required Complete Complete Complete
Accellion Kiteworks appliances before kw2016.03.00 use setuid-root permissions for /opt/bin/cli, which allows local users to gain privileges via unspecified vectors.
25 CVE-2016-5654 264 +Priv 2016-07-19 2016-07-20
8.5
Admin Remote Medium Single system Complete Complete Complete
Misys FusionCapital Opics Plus allows remote authenticated users to gain privileges via a man-in-the-middle attack that modifies the xmlMessageOut parameter.
26 CVE-2016-5422 264 +Priv 2016-09-07 2016-09-08
6.5
None Remote Low Single system Partial Partial Partial
The web console in Red Hat JBoss Operations Network (JON) before 3.3.7 does not properly authorize requests to add users with the super user role, which allows remote authenticated users to gain admin privileges via a crafted POST request.
27 CVE-2016-5330 426 +Priv 2016-08-07 2016-08-12
4.4
None Local Medium Not required Partial Partial Partial
Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
28 CVE-2016-4997 264 DoS +Priv Mem. Corr. 2016-07-03 2016-08-26
7.2
None Local Low Not required Complete Complete Complete
The compat IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.
29 CVE-2016-4962 264 DoS +Priv 2016-06-07 2016-09-12
6.8
None Local Low Single system Complete Complete Complete
The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore.
30 CVE-2016-4831 +Priv 2016-07-11 2016-07-14
7.2
None Local Low Not required Complete Complete Complete
Untrusted search path vulnerability in LINE and LINE Installer 4.7.0 and earlier on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.
31 CVE-2016-4813 284 +Priv 2016-06-18 2016-06-21
9.0
None Remote Low Single system Complete Complete Complete
NetCommons 2.4.2.1 and earlier allows remote authenticated secretariat (aka CLERK) users to gain privileges by creating a SYSTEM_ADMIN account.
32 CVE-2016-4705 119 DoS Overflow +Priv Mem. Corr. 2016-09-18 2016-09-19
7.2
None Local Low Not required Complete Complete Complete
otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4704.
33 CVE-2016-4704 119 DoS Overflow +Priv Mem. Corr. 2016-09-18 2016-09-19
7.2
None Local Low Not required Complete Complete Complete
otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4705.
34 CVE-2016-4653 119 DoS Overflow +Priv Mem. Corr. 2016-07-21 2016-07-28
7.2
None Local Low Not required Complete Complete Complete
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4582.
35 CVE-2016-4652 125 DoS +Priv +Info 2016-07-21 2016-07-27
3.3
None Local Medium Not required Partial None Partial
CoreGraphics in Apple OS X before 10.11.6 allows local users to obtain sensitive information from kernel memory and consequently gain privileges, or cause a denial of service (out-of-bounds read), via unspecified vectors.
36 CVE-2016-4647 119 DoS Overflow +Priv Mem. Corr. 2016-07-21 2016-07-26
7.2
None Local Low Not required Complete Complete Complete
Audio in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted file.
37 CVE-2016-4638 264 +Priv 2016-07-21 2016-07-27
9.3
None Remote Medium Not required Complete Complete Complete
Login Window in Apple OS X before 10.11.6 allows attackers to gain privileges via a crafted app that leverages a "type confusion."
38 CVE-2016-4634 119 DoS Overflow +Priv Mem. Corr. 2016-07-21 2016-07-27
7.2
None Local Low Not required Complete Complete Complete
The Graphics Drivers subsystem in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
39 CVE-2016-4627 476 DoS +Priv 2016-07-21 2016-07-28
7.2
None Local Low Not required Complete Complete Complete
IOAcceleratorFamily in Apple iOS before 9.3.3, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.
40 CVE-2016-4626 476 DoS +Priv 2016-07-21 2016-07-28
7.2
None Local Low Not required Complete Complete Complete
IOHIDFamily in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.
41 CVE-2016-4625 416 +Priv 2016-07-21 2016-07-27
7.2
None Local Low Not required Complete Complete Complete
Use-after-free vulnerability in IOSurface in Apple OS X before 10.11.6 allows local users to gain privileges via unspecified vectors.
42 CVE-2016-4582 119 DoS Overflow +Priv Mem. Corr. 2016-07-21 2016-07-26
7.2
None Local Low Not required Complete Complete Complete
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4653.
43 CVE-2016-4560 +Priv 2016-07-02 2016-07-18
4.6
None Local Low Not required Partial Partial Partial
Untrusted search path vulnerability in Flexera InstallAnywhere allows local users to gain privileges via a Trojan horse DLL in the current working directory of a setup-launcher executable file.
44 CVE-2016-4557 DoS +Priv 2016-05-23 2016-05-24
7.2
None Local Low Not required Complete Complete Complete
The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux kernel before 4.5.5 does not properly maintain an fd data structure, which allows local users to gain privileges or cause a denial of service (use-after-free) via crafted BPF instructions that reference an incorrect file descriptor.
45 CVE-2016-4526 427 +Priv 2016-09-18 2016-09-19
6.9
None Local Medium Not required Complete Complete Complete
ABB DataManagerPro 1.x before 1.7.1 allows local users to gain privileges by replacing a DLL file in the package directory.
46 CVE-2016-4480 264 +Priv 2016-05-18 2016-09-12
7.2
None Local Low Not required Complete Complete Complete
The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory.
47 CVE-2016-4477 19 DoS +Priv 2016-05-09 2016-05-10
4.4
None Local Medium Not required Partial Partial Partial
wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service (daemon outage), via a crafted (1) SET, (2) SET_CRED, or (3) SET_NETWORK command.
48 CVE-2016-4422 287 +Priv Bypass 2016-05-06 2016-05-10
10.0
None Remote Low Not required Complete Complete Complete
The pam_sm_authenticate function in pam_sshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account.
49 CVE-2016-4364 +Priv 2016-06-08 2016-08-23
7.2
None Local Low Not required Complete Complete Complete
HPE Insight Control server deployment allows local users to gain privileges via unspecified vectors.
50 CVE-2016-4349 +Priv 2016-04-28 2016-05-03
7.2
None Local Low Not required Complete Complete Complete
Untrusted search path vulnerability in Cisco WebEx Productivity Tools 2.40.5001.10012 allows local users to gain privileges via a Trojan horse cryptsp.dll, dwmapi.dll, msimg32.dll, ntmarta.dll, propsys.dll, riched20.dll, rpcrtremote.dll, secur32.dll, sxs.dll, or uxtheme.dll file in the current working directory, aka Bug ID CSCuy56140.
Total number of vulnerabilities : 4135   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.