Search Results (5496 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-8486 1 Cybozu 1 Office 2025-04-12 N/A
Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions and read arbitrary report titles via unspecified vectors, a different vulnerability than CVE-2015-8484, CVE-2015-8485, and CVE-2016-1152.
CVE-2015-8600 1 Sap 1 Mobile Platform 2025-04-12 N/A
The SysAdminWebTool servlets in SAP Mobile Platform allow remote attackers to bypass authentication and obtain sensitive information, gain privileges, or have unspecified other impact via unknown vectors, aka SAP Security Note 2227855.
CVE-2015-8612 1 Blueman Project 1 Blueman 2025-04-12 N/A
The EnableNetwork method in the Network class in plugins/mechanism/Network.py in Blueman before 2.0.3 allows local users to gain privileges via the dhcp_handler argument.
CVE-2016-3758 1 Google 1 Android 2025-04-12 N/A
Multiple buffer overflows in libdex/OptInvocation.cpp in DexClassLoader in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allow attackers to gain privileges via a crafted application that provides a long filename, aka internal bug 27840771.
CVE-2016-1183 1 Nttdata 1 Terasoluna Server Framework For Java Web 2025-04-12 N/A
NTT Data TERASOLUNA Server Framework for Java(WEB) 2.0.0.1 through 2.0.6.1, as used in Fujitsu Interstage Business Application Server and other products, allows remote attackers to bypass a file-extension protection mechanism, and consequently read arbitrary files, via a crafted pathname.
CVE-2016-1712 1 Paloaltonetworks 1 Pan-os 2025-04-12 N/A
Palo Alto Networks PAN-OS before 5.0.19, 5.1.x before 5.1.12, 6.0.x before 6.0.14, 6.1.x before 6.1.12, and 7.0.x before 7.0.8 might allow local users to gain privileges by leveraging improper sanitization of the root_reboot local invocation.
CVE-2016-1742 1 Apple 1 Itunes 2025-04-12 N/A
Untrusted search path vulnerability in the installer in Apple iTunes before 12.4 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
CVE-2016-2456 1 Google 2 Android, Android One 2025-04-12 N/A
The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 27275187.
CVE-2016-2434 1 Google 2 Android, Nexus 9 2025-04-12 N/A
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27251090.
CVE-2016-2444 1 Google 2 Android, Nexus 9 2025-04-12 N/A
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27208332.
CVE-2016-2445 1 Google 2 Android, Nexus 9 2025-04-12 N/A
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27253079.
CVE-2016-2446 1 Google 2 Android, Nexus 9 2025-04-12 N/A
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27441354.
CVE-2016-3808 1 Google 1 Android 2025-04-12 N/A
The serial peripheral interface driver in Android before 2016-07-05 on Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 28430009.
CVE-2015-0179 1 Ibm 1 Domino 2025-04-12 N/A
Notes System Diagnostic (NSD) in IBM Domino 8.5.x before 8.5.3 FP6 IF6 and 9.x before 9.0.1 FP3 IF1 allows local users to obtain the System privilege via unspecified vectors, aka SPR TCHL9SST8V.
CVE-2016-4505 1 Resourcedm 1 Intuitive 650 Tdb Controller 2025-04-12 N/A
Resource Data Management (RDM) Intuitive 650 TDB Controller devices before 2.1.24 allow remote authenticated users to modify arbitrary passwords via unspecified vectors.
CVE-2016-5248 1 Lenovo 1 Solution Center 2025-04-12 N/A
The StopProxy command in LSC.Services.SystemService in Lenovo Solution Center before 3.3.003 allows local users to terminate arbitrary processes via the PID argument.
CVE-2016-5249 1 Lenovo 1 Solution Center 2025-04-12 N/A
Lenovo Solution Center (LSC) before 3.3.003 allows local users to execute arbitrary code with LocalSystem privileges via vectors involving the LSC.Services.SystemService StartProxy command with a named pipe created in advance and crafted .NET assembly.
CVE-2016-5253 1 Mozilla 1 Firefox 2025-04-12 N/A
The Updater in Mozilla Firefox before 48.0 on Windows allows local users to write to arbitrary files via vectors involving the callback application-path parameter and a hard link.
CVE-2016-5266 1 Mozilla 1 Firefox 2025-04-12 N/A
Mozilla Firefox before 48.0 does not properly restrict drag-and-drop (aka dataTransfer) actions for file: URIs, which allows user-assisted remote attackers to access local files via a crafted web site.
CVE-2015-0337 5 Adobe, Apple, Linux and 2 more 5 Flash Player, Mac Os X, Linux Kernel and 2 more 2025-04-12 N/A
Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows remote attackers to bypass the Same Origin Policy via unspecified vectors.