Vulnerabilities (CVE)

CWE filter

CWE-264

Filter

7644 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-15119 1 Nps Project 1 Nps 2019-08-23 5.8
lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user.
CVE-2016-10923 2019-08-23 7.5
The woocommerce-store-toolkit plugin before 1.5.8 for WordPress has privilege escalation.
CVE-2016-10929 2019-08-23 5.0
The advanced-ajax-page-loader plugin before 2.7.7 for WordPress has no protection against the reading of uploaded files when not logged in.
CVE-2019-4253 2019-08-23 7.2
IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local privileged Informix user to load a malicious shared library and gain root access privileges. IBM X-Force ID: 159941.
CVE-2018-1631 1 Ibm 1 Informix Dynamic Server 2019-08-23 7.2
IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in oninit mongohash. IBM X-Force ID: 144431.
CVE-2018-1630 1 Ibm 1 Informix Dynamic Server 2019-08-23 7.2
IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in onmode. IBM X-Force ID: 144430.
CVE-2019-1170 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2019-08-23 7.2
An elevation of privilege vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape, aka 'Windows NTFS Elevation of Privilege Vulnerability'.
CVE-2019-1161 1 Microsoft 5 Forefront Endpoint Protection 2010, Security Essentials, System Center Endpoint Protection and 2 more 2019-08-22 6.6
An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation...
CVE-2019-1162 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2019-08-22 7.2
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local...
CVE-2019-2125 1 Google 1 Android 2019-08-22 4.4
In ChangeDefaultDialerDialog.java, there is a possible escalation of privilege due to an overlay attack. This could lead to local escalation of privilege, granting privileges to a local app without the user's informed consent, with no additional...
CVE-2019-2122 1 Google 1 Android 2019-08-22 6.9
In LockTaskController.lockKeyguardIfNeeded of the LockTaskController.java, there was a difference in the handling of the default case between the WindowManager and the Settings. This could lead to a local escalation of privilege with no...
CVE-2019-2128 1 Google 1 Android 2019-08-22 7.2
In ACELP_4t64_fx of c4t64fx.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2019-1258 1 Microsoft 2 Active Directory Authentication Library, Nuget 2019-08-22 6.5
An elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-Behalf-Of flow, in the way the library caches tokens, aka 'Azure Active Directory Authentication Library Elevation of Privilege Vulnerability'.
CVE-2019-1229 1 Microsoft 1 Dynamics 365 2019-08-22 6.5
An elevation of privilege vulnerability exists in Dynamics On-Premise v9, aka 'Dynamics On-Premise Elevation of Privilege Vulnerability'.
CVE-2019-14969 1 Netwrix 1 Auditor 2019-08-21 6.9
Netwrix Auditor before 9.8 has insecure permissions on %PROGRAMDATA%\Netwrix Auditor\Logs\ActiveDirectory\ and sub-folders. In addition, the service Netwrix.ADA.StorageAuditService (which writes to that directory) does not perform proper...
CVE-2019-7958 1 Adobe 1 Creative Cloud 2019-08-21 10.0
Creative Cloud Desktop Application versions 4.6.1 and earlier have an insecure inherited permissions vulnerability. Successful exploitation could lead to privilege escalation.
CVE-2018-16018 1 Adobe 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more 2019-08-21 9.3
Adobe Acrobat and Reader versions 2019.010.20064 and earlier, 2019.010.20064 and earlier, 2017.011.30110 and earlier version, and 2015.006.30461 and earlier have a security bypass vulnerability. Successful exploitation could lead to privilege escalation.
CVE-2018-16044 1 Adobe 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more 2019-08-21 9.3
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and...
CVE-2018-16045 1 Adobe 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more 2019-08-21 9.3
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and...
CVE-2018-15966 1 Adobe 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more 2019-08-21 9.3
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a security bypass vulnerability. Successful exploitation could lead to privilege escalation.