| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Mozilla Firefox before 31.1 on Android does not properly restrict copying of local files onto the SD card during processing of file: URLs, which allows attackers to obtain sensitive information from the Firefox profile directory via a crafted application. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1515. |
| The PackageInstaller module in Huawei P7-L10 smartphones before V100R001C00B136 allows remote attackers to spoof the origin website and bypass the website whitelist protection mechanism via a crafted package. |
| The Content Provider in the KOKUYO CamiApp application 1.21.1 and earlier for Android allows attackers to bypass intended access restrictions and read database information via a crafted application. |
| Facebook HipHop Virtual Machine (HHVM) before 3.1.0 does not drop supplemental group memberships within hphp/util/capability.cpp and hphp/util/light-process.cpp, which allows remote attackers to bypass intended access restrictions by leveraging group permissions for a file or directory. |
| The memcache token backend in OpenStack Identity (Keystone) 2013.1 through 2.013.1.4, 2013.2 through 2013.2.2, and icehouse before icehouse-3, when issuing a trust token with impersonation enabled, does not include this token in the trustee's token-index-list, which prevents the token from being invalidated by bulk token revocation and allows the trustee to bypass intended access restrictions. |
| Cisco Web Security Appliance (WSA) devices with software 8.5.0-ise-147 do not properly restrict use of the pickle Python module during certain tunnel-status checks, which allows local users to execute arbitrary Python code and gain privileges via crafted serialized objects, aka Bug ID CSCut39230. |
| IBM Cognos TM1 10.2.0.2 before IF1 and 10.2.2.0 before IF1 allows remote attackers to bypass intended access restrictions by visiting the Rights page and then following a generated link. |
| The EaseWeFtp.FtpLibrary ActiveX control in EaseWeFtp.ocx in Easewe FTP OCX 4.5.0.9 does not restrict access to certain methods, which allows remote attackers to execute arbitrary files via a pathname in the first argument to the (1) Execute or (2) Run method, (3) write to arbitrary files via a pathname in the argument to the CreateLocalFile method, (4) create arbitrary directories via a pathname in the argument to the CreateLocalFolder method, or (5) delete arbitrary files via a pathname in the argument to the DeleteLocalFile method. |
| The SaveMessage method in the LEADeMail.LEADSmtp.20 ActiveX control in LTCML14n.dll 14.0.0.34 in Kofax e-Transactions Sender Sendbox 2.5.0.933 allows remote attackers to write to arbitrary files via a pathname in the first argument. |
| Sitepark Information Enterprise Server (IES) 2.9 before 2.9.6, when upgraded from an earlier version, does not properly restrict access, which allows remote attackers to change the manager account password and obtain sensitive information via a request to install/. |
| The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call. |
| Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a database-backup restore action. |
| SAP Netweaver Java Application Server does not properly restrict access, which allows remote attackers to obtain the list of SAP systems registered on an SLD via an unspecified webdynpro, related to SystemSelection. |
| K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or 0x950025c8 IOCTL call. |
| The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by reading the file. |
| seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges. |
| Red Hat OpenShift Enterprise before 2.2 allows local users to obtain IP address and port number information for remote systems by reading /proc/net/tcp. |
| The administrative web interface in Cisco Hosted Collaboration Solution (HCS) 10.6(1) and earlier allows remote authenticated users to execute arbitrary commands via crafted input to unspecified fields, aka Bug ID CSCut02786. |
| IBM Maximo Asset Management 7.5.x before 7.5.0.3 IFIX027, 7.5.0.4 before IFIX011, and 7.5.0.5 before IFIX006 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allow remote authenticated users to bypass intended access restrictions, and modify physical counts associated with restricted storerooms, via unspecified vectors. |
| The default slapd configuration in the Debian openldap package 2.4.23-3 through 2.4.39-1.1 allows remote authenticated users to modify the user's permissions and other user attributes via unspecified vectors. |
