Total
5244 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-46586 | 1 Huawei | 1 Harmonyos | 2025-05-09 | N/A | 5.1 MEDIUM |
| Permission control vulnerability in the contacts module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2025-46587 | 1 Huawei | 1 Harmonyos | 2025-05-09 | N/A | 6.2 MEDIUM |
| Permission control vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2025-46593 | 1 Huawei | 1 Harmonyos | 2025-05-09 | N/A | 5.1 MEDIUM |
| Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2016-8446 | 1 Google | 1 Android | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31747749. References: MT-ALPS02968909. | |||||
| CVE-2016-5720 | 1 Microsoft | 1 Skype | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
| Multiple untrusted search path vulnerabilities in Microsoft Skype allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) msi.dll, (2) dpapi.dll, or (3) cryptui.dll that is located in the current working directory. | |||||
| CVE-2016-8363 | 1 Moxa | 28 Awk-1121, Awk-1121 Firmware, Awk-1127 and 25 more | 2025-04-20 | 7.5 HIGH | 10.0 CRITICAL |
| An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RTG Series, AWK-3131-M12-RCC Series, AWK-5232-M12-RCC Series, TAP-6226 Series, AWK-3121/4121 Series, AWK-3131/4131 Series, and AWK-5222/6222 Series. User is able to execute arbitrary OS commands on the server. | |||||
| CVE-2016-10289 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33899710. References: QC-CR#1116295. | |||||
| CVE-2016-9269 | 1 Trendmicro | 1 Interscan Web Security Virtual Appliance | 2025-04-20 | 9.0 HIGH | 9.9 CRITICAL |
| Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allows authenticated, remote users with least privileges to run arbitrary commands on the system as root via Patch Update functionality. This was resolved in Version 6.5 CP 1737. | |||||
| CVE-2016-8005 | 1 Mcafee | 1 Email Gateway | 2025-04-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| File extension filtering vulnerability in Intel Security McAfee Email Gateway (MEG) before 7.6.404h1128596 allows attackers to fail to identify the file name properly via scanning an email with a forged attached filename that uses a null byte within the filename extension. | |||||
| CVE-2015-0864 | 1 Samsung | 2 Galaxy App, Samsung Account App | 2025-04-20 | 7.9 HIGH | 8.0 HIGH |
| Samsung Account (AKA com.osp.app.signin) before 1.6.0069 and 2.x before 2.1.0069 allows man-in-the-middle attackers to obtain sensitive information and execute arbitrary code. | |||||
| CVE-2015-5699 | 1 Cumulusnetworks | 1 Cumulus Linux | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
| The Switch Configuration Tools Backend (clcmd_server) in Cumulus Linux 2.5.3 and earlier allows local users to execute arbitrary commands via shell metacharacters in a cl-rctl command label. | |||||
| CVE-2016-5979 | 1 Ibm | 1 Distributed Marketing | 2025-04-20 | 4.0 MEDIUM | 2.7 LOW |
| IBM Distributed Marketing 8.6, 9.0, and 10.0 could allow a privileged authenticated user to create an instance that gets created with security profile not valid for the templates, that results in the new instance not accessible for the intended user. IBM X-Force ID: 116379. | |||||
| CVE-2016-8420 | 2 Google, Linux | 2 Android, Linux Kernel | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32451171. References: QC-CR#1087807. | |||||
| CVE-2016-10187 | 1 Calibre-ebook | 1 Calibre | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript. | |||||
| CVE-2016-8452 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32506396. References: QC-CR#1050323. | |||||
| CVE-2016-5876 | 1 Owncloud | 1 Owncloud | 2025-04-20 | 4.3 MEDIUM | 5.9 MEDIUM |
| ownCloud server before 8.2.6 and 9.x before 9.0.3, when the gallery app is enabled, allows remote attackers to download arbitrary images via a direct request. | |||||
| CVE-2015-0863 | 1 Samsung | 2 Galaxy App, Samsung Account App | 2025-04-20 | 7.9 HIGH | 8.0 HIGH |
| GALAXY Apps (aka Samsung Apps, Samsung Updates, or com.sec.android.app.samsungapps) before 14120405.03.012 allows man-in-the-middle attackers to obtain sensitive information and execute arbitrary code. | |||||
| CVE-2016-4896 | 1 Setucocms Project | 1 Setucocms | 2025-04-20 | 6.4 MEDIUM | 6.5 MEDIUM |
| SetsucoCMS all versions does not properly manage sessions, which allows remote attackers to disclose or alter unauthorized information via unspecified vectors. | |||||
| CVE-2015-1610 | 1 Opendaylight | 1 L2switch | 2025-04-20 | 5.0 MEDIUM | 5.3 MEDIUM |
| hosttracker in OpenDaylight l2switch allows remote attackers to change the host location information by spoofing the MAC address, aka "topology spoofing." | |||||
| CVE-2016-8235 | 1 Lenovo | 1 Customer Care Software Development Kit | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
| Privilege escalation in Lenovo Customer Care Software Development Kit (CCSDK) versions earlier than 2.0.16.3 allows local users to execute code with elevated privileges. | |||||