Total
5458 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-4451 | 1 Gitolite | 1 Gitolite | 2024-11-21 | N/A |
| gitolite commit fa06a34 through 3.5.3 might allow attackers to have unspecified impact via vectors involving world-writable permissions when creating (1) ~/.gitolite.rc, (2) ~/.gitolite, or (3) ~/repositories/gitolite-admin.git on fresh installs. | ||||
| CVE-2013-3947 | 1 Ahnlab | 1 V3 Internet Security | 2024-11-21 | N/A |
| Buffer overflow in MedCoreD.sys in AhnLab V3 Internet Security 8.0.7.5 (Build 1373) allows local users to gain privileges via a crafted 0xA3350014 IOCTL call. | ||||
| CVE-2013-3024 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | N/A |
| IBM WebSphere Application Server (WAS) 8.5 through 8.5.0.2 on UNIX allows local users to gain privileges by leveraging improper process initialization. IBM X-Force ID: 84362. | ||||
| CVE-2013-0267 | 1 Apache | 1 Vcl | 2024-11-21 | N/A |
| The Privileges portion of the web GUI and the XMLRPC API in Apache VCL 2.3.x before 2.3.2, 2.2.x before 2.2.2 and 2.1 allow remote authenticated users with nodeAdmin, manageGroup, resourceGrant, or userGrant permissions to gain privileges, cause a denial of service, or conduct cross-site scripting (XSS) attacks by leveraging improper data validation. | ||||
| CVE-2011-3172 | 1 Suse | 1 Suse Linux Enterprise Server | 2024-11-21 | N/A |
| A vulnerability in pam_modules of SUSE Linux Enterprise allows attackers to log into accounts that should have been disabled. Affected releases are SUSE Linux Enterprise: versions prior to 12. | ||||
| CVE-2010-5327 | 1 Liferay | 1 Liferay Portal | 2024-11-21 | N/A |
| Liferay Portal through 6.2.10 allows remote authenticated users to execute arbitrary shell commands via a crafted Velocity template. | ||||
| CVE-2004-2778 | 1 Gentoo | 1 Portage | 2024-11-20 | N/A |
| Ebuild in Gentoo may change directory and file permissions depending on the order of installed packages, which allows local users to read or write to restricted directories or execute restricted commands via navigating to the affected directories, or executing the affected commands. | ||||
| CVE-2024-51524 | 1 Huawei | 1 Harmonyos | 2024-11-07 | 4 Medium |
| Permission control vulnerability in the Wi-Fi module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2024-51525 | 1 Huawei | 1 Harmonyos | 2024-11-07 | 6.2 Medium |
| Permission control vulnerability in the clipboard module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2024-51527 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-07 | 5.1 Medium |
| Permission control vulnerability in the Gallery app Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2024-51516 | 1 Huawei | 1 Harmonyos | 2024-11-07 | 6.2 Medium |
| Permission control vulnerability in the ability module Impact: Successful exploitation of this vulnerability may cause features to function abnormally. | ||||
| CVE-2024-20371 | 1 Cisco | 1 Nexus 3550 Firmware | 2024-11-06 | 5.3 Medium |
| A vulnerability in the access control list (ACL) programming of Cisco Nexus 3550-F Switches could allow an unauthenticated, remote attacker to send traffic that should be blocked to the management interface of an affected device. This vulnerability exists because ACL deny rules are not properly enforced at the time of device reboot. An attacker could exploit this vulnerability by attempting to send traffic to the management interface of an affected device. A successful exploit could allow the attacker to send traffic to the management interface of the affected device. | ||||
| CVE-2024-20370 | 1 Cisco | 2 Adaptive Security Appliance Software, Firepower Threat Defense Software | 2024-10-26 | 6 Medium |
| A vulnerability in the Cisco FXOS CLI feature on specific hardware platforms for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to elevate their administrative privileges to root. The attacker would need valid administrative credentials on the device to exploit this vulnerability. This vulnerability exists because certain system configurations and executable files have insecure storage and permissions. An attacker could exploit this vulnerability by authenticating on the device and then performing a series of steps that includes downloading malicious system files and accessing the Cisco FXOS CLI to configure the attack. A successful exploit could allow the attacker to obtain root access on the device. | ||||
| CVE-2008-1112 | 2024-09-17 | N/A | ||
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-0928. Reason: This candidate is a duplicate of CVE-2008-0928. Notes: All CVE users should reference CVE-2008-0928 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||
| CVE-2024-45442 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-13 | 5.1 Medium |
| Vulnerability of permission verification for APIs in the DownloadProviderMain module Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2024-42035 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-11 | 8.4 High |
| Permission control vulnerability in the App Multiplier module Impact:Successful exploitation of this vulnerability may affect functionality and confidentiality. | ||||
| CVE-2023-7265 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-06 | 4 Medium |
| Permission verification vulnerability in the lock screen module Impact: Successful exploitation of this vulnerability may affect availability | ||||
| CVE-2024-45449 | 1 Huawei | 2 Emui, Harmonyos | 2024-09-06 | 5.1 Medium |
| Access permission verification vulnerability in the ringtone setting module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||