CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2014(Gain Privilege)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2014-9387 +Priv 2014-12-17 2014-12-17
0.0
None ??? ??? ??? ??? ??? ???
SAP BussinessObjects Edge 4.1 allows remote attackers to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and gain privileges via a crafted CORBA call, aka SAP Note 2039905.
2 CVE-2014-9361 200 +Priv +Info 2014-12-10 2014-12-11
4.3
None Remote Medium Not required Partial None None
The LoginToboggan module 7.x-1.x before 7.x-1.4 for Drupal does not properly unset the authorized user role for certain users, which allows remote attackers with the pre-authorized role to gain privileges and possibly obtain sensitive information by accessing a Page Not Found (404) page.
3 CVE-2014-9322 264 +Priv 2014-12-17 2014-12-17
7.2
User Local Low Not required Complete Complete Complete
arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.
4 CVE-2014-9273 119 Exec Code Overflow +Priv 2014-12-08 2014-12-09
4.6
User Local Low Not required Partial Partial Partial
lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write.
5 CVE-2014-9183 255 +Priv 2014-12-02 2014-12-03
10.0
User Remote Low Not required Complete Complete Complete
ZTE ZXDSL 831CII has a default password of admin for the admin account, which allows remote attackers to gain administrator privileges.
6 CVE-2014-9091 264 +Priv 2014-12-10 2014-12-11
4.6
User Local Low Not required Partial Partial Partial
Icecast before 2.4.0 does not change the supplementary group privileges when <changeowner> is configured, which allows local users to gain privileges via unspecified vectors.
7 CVE-2014-9000 264 Exec Code +Priv 2014-11-20 2014-11-20
6.5
None Remote Low Single system Partial Partial Partial
Mule Enterprise Management Console (MMC) does not properly restrict access to handler/securityService.rpc, which allows remote authenticated users to gain administrator privileges and execute arbitrary code via a crafted request that adds a new user. NOTE: this issue was originally reported for ESB Runtime 3.5.1, but it originates in MMC.
8 CVE-2014-8884 119 DoS Overflow +Priv 2014-11-29 2014-12-05
6.1
User Local Low Not required Partial Partial Complete
Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via a large message length in an ioctl call.
9 CVE-2014-8651 264 +Priv 2014-12-06 2014-12-08
7.2
Admin Local Low Not required Complete Complete Complete
The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and plasma-desktop before 5.1.1 allows local users to gain privileges via a crafted ntpUtility (ntp utility name) argument.
10 CVE-2014-8595 17 DoS +Priv 2014-11-19 2014-11-19
1.9
None Local Medium Not required None None Partial
arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not properly check privileges, which allows local HVM guest users to gain privileges or cause a denial of service (crash) via a crafted (1) CALL, (2) JMP, (3) RETF, (4) LCALL, (5) LJMP, or (6) LRET far branch instruction.
11 CVE-2014-8583 254 +Priv 2014-12-16 2014-12-17
6.9
Admin Local Medium Not required Complete Complete Complete
mod_wsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors.
12 CVE-2014-8496 255 +Priv 2014-12-09 2014-12-10
10.0
User Remote Low Not required Complete Complete Complete
Digicom DG-5514T ADSL router with firmware 3.2 generates predictable session IDs, which allows remote attackers to gain administrator privileges via a brute force session hijacking attack.
13 CVE-2014-8494 264 +Priv 2014-11-03 2014-11-04
4.6
None Local Low Not required Partial Partial Partial
ESTsoft ALUpdate 8.5.1.0.0 uses weak permissions (Users: Full Control) for the (1) AlUpdate folder and (2) AlUpdate.exe, which allows local users to gain privileges via a Trojan horse file.
14 CVE-2014-8419 264 +Priv 2014-11-26 2014-11-28
7.2
None Local Low Not required Complete Complete Complete
Wibu-Systems CodeMeter Runtime before 5.20 uses weak permissions (read and write access for all users) for codemeter.exe, which allows local users to gain privileges via a Trojan horse file.
15 CVE-2014-8418 264 +Priv 2014-11-24 2014-11-25
9.0
None Remote Low Single system Complete Complete Complete
The DB dialplan function in Asterisk Open Source 1.8.x before 1.8.32, 11.x before 11.1.4.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 1.8 before 1.8.28-cert8 and 11.6 before 11.6-cert8 allows remote authenticated users to gain privileges via a call from an external protocol, as demonstrated by the AMI protocol.
16 CVE-2014-8417 264 Exec Code +Priv 2014-11-24 2014-11-25
6.5
None Remote Low Single system Partial Partial Partial
ConfBridge in Asterisk 11.x before 11.14.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 11.6 before 11.6-cert8 allows remote authenticated users to (1) gain privileges via vectors related to an external protocol to the CONFBRIDGE dialplan function or (2) execute arbitrary system commands via a crafted ConfbridgeStartRecord AMI action.
17 CVE-2014-8373 264 +Priv 2014-12-11 2014-12-12
9.0
Admin Remote Low Single system Complete Complete Complete
The VMware Remote Console (VMRC) function in VMware vCloud Automation Center (vCAC) 6.0.1 through 6.1.1 allows remote authenticated users to gain privileges via vectors involving the "Connect (by) Using VMRC" function.
18 CVE-2014-8368 264 Exec Code +Priv 2014-11-25 2014-11-26
9.0
None Remote Low Single system Complete Complete Complete
The web interface in Aruba Networks AirWave before 7.7.14 and 8.x before 8.0.5 allows remote authenticated users to gain privileges and execute arbitrary commands via unspecified vectors.
19 CVE-2014-8270 264 Exec Code +Priv 2014-12-12 2014-12-12
5.0
None Remote Low Not required None Partial None
BMC Track-It! 11.3 allows remote attackers to gain privileges and execute arbitrary code by creating an account whose name matches that of a local system account, then performing a password reset.
20 CVE-2014-7989 20 +Priv 2014-11-07 2014-11-18
6.8
Admin Local Low Single system Complete Complete Complete
Cisco Unified Computing System on B-Series blade servers allows local users to gain shell privileges via a crafted (1) ping6 or (2) traceroute6 command, aka Bug ID CSCuq38176.
21 CVE-2014-7826 264 DoS +Priv 2014-11-10 2014-12-09
4.6
User Local Low Not required Partial Partial Partial
kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via a crafted application.
22 CVE-2014-7259 200 +Priv +Info 2014-12-05 2014-12-05
5.0
None Remote Low Not required Partial None None
SQUARE ENIX Co., Ltd. Kaku-San-Sei Million Arthur before 2.25 for Android stores "product credentials" on the SD card, which allows attackers to gain privileges via a crafted application.
23 CVE-2014-7155 264 DoS +Priv 2014-10-02 2014-12-06
5.8
None Local Network Low Not required Partial Partial Partial
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges via vectors involving an (1) HLT, (2) LGDT, (3) LIDT, or (4) LMSW instruction.
24 CVE-2014-6625 284 +Priv 2014-11-19 2014-11-19
9.0
Admin Remote Low Single system Complete Complete Complete
The Policy Manager in Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows remote authenticated users to gain privileges via unspecified vectors.
25 CVE-2014-6607 255 1 +Priv 2014-10-06 2014-10-07
7.5
None Remote Low Not required Partial Partial Partial
M/Monit 3.3.2 and earlier does not verify the original password before changing passwords, which allows remote attackers to change the password of other users and gain privileges via the fullname and password parameters, a different vulnerability than CVE-2014-6409.
26 CVE-2014-6350 264 +Priv 2014-11-11 2014-11-12
4.3
None Remote Medium Not required None Partial None
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-6349.
27 CVE-2014-6349 264 +Priv 2014-11-11 2014-11-12
4.3
None Remote Medium Not required None Partial None
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-6350.
28 CVE-2014-6322 20 +Priv 2014-11-11 2014-12-02
4.3
None Remote Medium Not required None Partial None
The Windows Audio service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via a crafted web site, as demonstrated by execution of web script in Internet Explorer, aka "Windows Audio Service Vulnerability."
29 CVE-2014-5507 264 1 +Priv 2014-11-03 2014-11-04
7.2
None Local Low Not required Complete Complete Complete
iBackup 10.0.0.32 and earlier uses weak permissions (Everyone: Full Control) for ib_service.exe, which allows local users to gain privileges via a Trojan horse file.
30 CVE-2014-5455 1 +Priv 2014-08-25 2014-08-26
6.9
None Local Medium Not required Complete Complete Complete
Unquoted Windows search path vulnerability in the ptservice service in PrivateTunnel 2.3.8, as bundled in OpenVPN 2.1.28.0 allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder.
31 CVE-2014-5453 264 1 +Priv 2014-08-25 2014-08-26
7.2
None Local Low Not required Complete Complete Complete
Ubisoft Uplay PC before 4.6.1.3217 use weak permissions (Everyone: Full Control) for the program installation directory (%PROGRAMFILES%\Ubisoft Game Launcher), which allows local users to gain privileges via a Trojan horse file.
32 CVE-2014-5430 +Priv 2014-11-07 2014-11-07
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in ABB RobotStudio 5.6x before 5.61.02 and Test Signal Viewer 1.5 allows local users to gain privileges via a Trojan horse DLL that is accessed as a result of incorrect DLL configuration by an optional installation program.
33 CVE-2014-5421 255 +Priv 2014-10-18 2014-10-22
6.8
None Local Low Not required Complete Complete Partial
CareFusion Pyxis SupplyStation 8.1 with hardware test tool 1.0.16 and earlier has a hardcoded database password, which makes it easier for local users to gain privileges by leveraging cabinet access.
34 CVE-2014-5307 119 Overflow +Priv 2014-08-26 2014-08-27
7.2
None Local Low Not required Complete Complete Complete
Heap-based buffer overflow in the PavTPK.sys kernel mode driver of Panda Security 2014 products before hft131306s24_r1 allows local users to gain privileges via a crafted argument to a 0x222008 IOCTL call.
35 CVE-2014-5285 +Priv +Info 2014-09-04 2014-09-05
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the Authentication Module in TIBCO Spotfire Server before 4.5.2, 5.0.x before 5.0.3, 5.5.x before 5.5.2, 6.0.x before 6.0.3, and 6.5.x before 6.5.1 allows remote attackers to gain privileges, and obtain sensitive information or modify data, via unknown vectors.
36 CVE-2014-5284 264 1 +Priv 2014-12-01 2014-12-02
7.2
Admin Local Low Not required Complete Complete Complete
host-deny.sh in OSSEC before 2.8.1 writes to temporary files with predictable filenames without verifying ownership, which allows local users to modify access restrictions in hosts.deny and gain root privileges by creating the temporary files before automatic IP blocking is performed.
37 CVE-2014-5263 119 DoS Overflow +Priv Mem. Corr. 2014-08-26 2014-11-18
6.8
None Remote Medium Not required Partial Partial Partial
vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not terminate the list with the VMSTATE_END_OF_LIST macro, which allows attackers to cause a denial of service (out-of-bounds access, infinite loop, and memory corruption) and possibly gain privileges via unspecified vectors.
38 CVE-2014-5207 264 1 DoS +Priv 2014-08-18 2014-11-13
6.0
None Local High Single system Complete Complete Complete
fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, or cause a denial of service (excessive filesystem updating) on systems that had atime disabled via a "mount -o remount" command within a user namespace.
39 CVE-2014-5148 119 DoS Overflow +Priv 2014-10-26 2014-12-16
4.4
None Local Medium Not required Partial Partial Partial
Xen 4.4.x, when running on an ARM system and "handling an unknown system register access from 64-bit userspace," returns to an instruction of the trap handler for kernel space faults instead of an instruction that is associated with faults in 64-bit userspace, which allows local guest users to cause a denial of service (crash) and possibly gain privileges via a crafted process.
40 CVE-2014-4973 20 +Priv 2014-09-23 2014-09-24
6.9
None Local Medium Not required Complete Complete Complete
The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and earlier in ESET Smart Security and ESET Endpoint Security products 5.0 through 7.0 allows local users to gain privileges via a crafted argument to a 0x830020CC IOCTL call.
41 CVE-2014-4971 2 +Priv 2014-07-26 2014-11-13
7.2
None Local Low Not required Complete Complete Complete
Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem.
42 CVE-2014-4943 264 +Priv 2014-07-19 2014-12-06
6.9
None Local Medium Not required Complete Complete Complete
The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket.
43 CVE-2014-4870 20 +Priv 2014-10-07 2014-10-07
7.2
None Local Low Not required Complete Complete Complete
/opt/vyatta/bin/sudo-users/vyatta-clear-dhcp-lease.pl on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 does not properly validate parameters, which allows local users to gain privileges by leveraging the sudo configuration.
44 CVE-2014-4867 264 +Priv 2014-10-10 2014-10-15
6.8
None Local Low Single system Complete Complete Complete
Cryoserver Security Appliance 7.3.x uses weak permissions for /etc/init.d/cryoserver, which allows local users to gain privileges by leveraging access to the support account and running the /bin/cryo-mgmt program.
45 CVE-2014-4833 20 +Priv 2014-10-18 2014-10-22
6.5
None Remote Low Single system Partial Partial Partial
IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 allows remote authenticated users to gain privileges via invalid input.
46 CVE-2014-4699 362 1 DoS +Priv 2014-07-09 2014-08-01
6.9
None Local Medium Not required Complete Complete Complete
The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls.
47 CVE-2014-4685 264 +Priv 2014-07-24 2014-07-25
4.6
None Local Low Not required Partial Partial Partial
Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows local users to gain privileges by leveraging weak system-object access control.
48 CVE-2014-4684 264 +Priv 2014-07-24 2014-07-25
6.0
None Remote Medium Single system Partial Partial Partial
The database server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a request to TCP port 1433.
49 CVE-2014-4683 264 +Priv 2014-07-24 2014-07-25
4.9
None Remote Medium Single system Partial Partial None
The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a (1) HTTP or (2) HTTPS request.
50 CVE-2014-4626 264 +Priv 2014-12-16 2014-12-17
9.0
User Remote Low Single system Complete Complete Complete
EMC Documentum Content Server before 6.7 SP1 P29, 6.7 SP2 before P18, 7.0 before P16, and 7.1 before P09 allows remote authenticated users to gain privileges by (1) placing a command in a dm_job object and setting this object's owner to a privileged user or placing a rename action in a dm_job_request object and waiting for a (2) dm_UserRename or (3) dm_GroupRename service task, aka ESA-2014-105. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2515.
Total number of vulnerabilities : 231   Page : 1 (This Page)2 3 4 5
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.