Vulnerabilities (CVE)

CWE filter

CWE-264

Filter

5938 total CVE
CVE Vendors Products Updated CVSS
CVE-2015-0179 1 Ibm 1 Domino 2019-10-16 7.2
Notes System Diagnostic (NSD) in IBM Domino 8.5.x before 8.5.3 FP6 IF6 and 9.x before 9.0.1 FP3 IF1 allows local users to obtain the System privilege via unspecified vectors, aka SPR TCHL9SST8V.
CVE-2019-11249 1 Kubernetes 1 Kubernetes 2019-10-11 5.8
The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the...
CVE-2019-1000 1 Microsoft 1 Azure Active Directory Connect 2019-10-10 3.5
An elevation of privilege vulnerability exists in Microsoft Azure Active Directory Connect build 1.3.20.0, which allows an attacker to execute two PowerShell cmdlets in context of a privileged account, and perform privileged actions.To exploit...
CVE-2019-11246 1 Kubernetes 1 Kubernetes 2019-10-10 4.3
The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the...
CVE-2018-5406 2019-10-10 9.3
The Quest Kace K1000 Appliance, versions prior to 9.0.270, allows a remote attacker to exploit the misconfigured Cross-Origin Resource Sharing (CORS) mechanism. An unauthenticated, remote attacker could exploit this vulnerability to perform...
CVE-2018-12147 2019-10-10 7.2
Insufficient input validation in HECI subsystem in Intel(R) CSME before version 11.21.55, Intel? Server Platform Services before version 4.0 and Intel? Trusted Execution Engine Firmware before version 3.1.55 may allow a privileged user to...
CVE-2008-2314 1 Apple 2 Mac Os X, Mac Os X Server 2019-10-10 4.4
Dock in Apple Mac OS X 10.5 before 10.5.4, when Expos? hot corners is enabled, allows physically proximate attackers to gain access to a locked session in (1) sleep mode or (2) screen saver mode via unspecified vectors.
CVE-2003-0497 1 Intersystems 1 Cache Database 2019-10-10 7.2
Cach? Database 5.x installs /cachesys/bin/cache with world-writable permissions, which allows local users to gain privileges by modifying cache and executing it via cuxs.
CVE-2019-9920 1 Harmistechnology 1 Je Messenger 2019-10-09 N/A
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to perform an action within the context of the account of another user.
CVE-2019-9884 1 Eclass 1 Eclass Ip 2019-10-09 10.0
eClass platform < ip.2.5.10.2.1 allows an attacker to use GETS method to request /admin page to bypass the password validation and access management page.
CVE-2019-8988 1 Tibco 2 Data Science For Aws, Spotfire Data Science 2019-10-09 N/A
The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a persistent cross-site contains a vulnerability that theoretically allows a user to escalate their privileges on the...
CVE-2019-8456 1 Checkpoint 1 Ipsec Vpn 2019-10-09 4.3
Check Point IKEv2 IPsec VPN up to R80.30, in some less common conditions, may allow an attacker with knowledge of the internal configuration and setup to successfully connect to a site-to-site VPN server.
CVE-2019-8454 1 Checkpoint 1 Endpoint Security 2019-10-09 6.9
A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that...
CVE-2019-7394 1 Ca 2 Risk Authentication, Strong Authentication 2019-10-09 6.5
A privilege escalation vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x allows an authenticated attacker...
CVE-2019-7303 1 Canonical 2 Ubuntu Linux, Snapd 2019-10-09 5.0
A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. The seccomp rules were generated to match 64-bit ioctl(2) commands on a 64-bit...
CVE-2019-6582 2019-10-09 5.5
A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a), Siveillance VMS 2018 R1 (All versions < V12.1a), Siveillance VMS 2018 R2 (All versions < V12.2a), Siveillance VMS 2018 R3 (All versions < V12.3a), Siveillance...
CVE-2019-6581 2019-10-09 6.5
A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a), Siveillance VMS 2018 R1 (All versions < V12.1a), Siveillance VMS 2018 R2 (All versions < V12.2a), Siveillance VMS 2018 R3 (All versions < V12.3a), Siveillance...
CVE-2019-6579 1 Siemens 1 Spectrum Power 4 2019-10-09 7.5
A vulnerability has been identified in Spectrum Power 4 (with Web Office Portal). An attacker with network access to the web server on port 80/TCP or 443/TCP could execute system commands with administrative privileges. The security vulnerability...
CVE-2019-6570 2019-10-09 9.0
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization. The security vulnerability could be...
CVE-2019-6171 1 Lenovo 148 20a7 Firmware, 20a8 Firmware, 20a9 Firmware and 145 more 2019-10-09 7.2
A vulnerability was reported in various BIOS versions of older ThinkPad systems that could allow a user with administrative privileges or physical access the ability to update the Embedded Controller with unsigned firmware.