CWE:
 

Topic
Date
Author
Med.
Microsoft Windows Kernel (Windows 7 x86) Local Privilege Escalation (MS16-039)
18.04.2018
xiaodaozhi
Med.
Microsoft Windows Kernel (Windows 7 x86) Local Privilege Escalation (MS17-017)
18.04.2018
xiaodaozhi
High
Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 Direct Object Reference
17.04.2018
Frogy
Med.
GNU Beep 1.3 HoleyBeep Local Privilege Escalation
13.04.2018
Pirhack
Low
WordPress Plugin WordPress File Upload 4.3.3 Stored XSS
11.04.2018
ManhNho
High
ProcessMaker Plugin Upload Exploit
04.04.2018
Brendan Coles
Med.
glibc LD_AUDIT libmemusage.so RHEL-Based Arbitrary DSO Load Privilege Escalation
31.03.2018
Marco Ivaldi
High
Vtiger CRM 6.3.0 Authenticated Arbitrary File Upload (Metasploit)
31.03.2018
Touhid M.Shaikh
High
ClipBucket < 4.0.0 - Release 4902 beats_uploader Unauthenticated Arbitrary File Upload
27.03.2018
Touhid M.Shaikh
Med.
LabF nfsAxe 3.7 Privilege Escalation
27.03.2018
bzyo
Med.
Kaseya Virtual System Administrator (VSA) Local Privilege Escalation
24.03.2018
Filip Palian
Med.
IBM Spectrum LSF Privilege Escalation
20.03.2018
John Fitzpatrick
Med.
Huawei Mate 7 /dev/hifi_misc Privilege Escalation
20.03.2018
pray3r
Med.
Linux Kernel 4.13 (Debian 9) Local Privilege Escalation
20.03.2018
anonymous
High
Linux Kernel < 4.4.0-21 (Ubuntu 16.04 x64) netfilter target_offset Local Privilege Escalation
20.03.2018
Vitaly Nikolenko
Med.
Linux Kernel < 3.5.0-23 (Ubuntu 12.04.2 x64) SOCK_DIAG SMEP Bypass Local Privilege Escalation
20.03.2018
Vitaly Nikolenko
Med.
Linux Kernel < 4.4.0-116 (Ubuntu 16.04.4) Local Privilege Escalation
20.03.2018
Bruce Leidl
Med.
Linux Kernel < 3.16.39 (Debian 8 x64) inotfiy Local Privilege Escalation
20.03.2018
Jeremy Huang
Med.
Sophos UTM 9.410 loginuser confd Service Privilege Escalation
06.03.2018
KoreLogic
High
Linux Kernel BadIRET Local Privilege Escalation
02.03.2018
Ren Kimura
Med.
NoMachine x86 < 6.0.80 nxfuse Privilege Escalation
23.02.2018
Fidus InfoSecurity
High
Joomla! Component Proclaim 9.1.1 Arbitrary File Upload
23.02.2018
Ihsan Sencan
Med.
MagniComp SysInfo mcsiwrapper Privilege Escalation
20.02.2018
Brendan Coles
High
Tejari Arbitrary File Upload
17.02.2018
Arvind Vishwakarma
Med.
ABRT raceabrt Privilege Escalation
16.02.2018
Brendan Coles
Med.
Juju-run Agent Privilege Escalation
12.02.2018
Brendan Coles
Med.
glibc LD_AUDIT Arbitrary DSO Load Privilege Escalation
11.02.2018
Brendan Coles
Med.
NetEx HyperIP 6.1.0 Privilege Escalation
11.02.2018
Matt Bergin
Med.
MalwareFox AntiMalware 2.74.0.150 Local Privilege Escalation
07.02.2018
Souhail Hammou
Med.
MalwareFox AntiMalware 2.74.0.150 Privilege Escalation
06.02.2018
Souhail Hammou
Med.
Apport / ABRT chroot Privilege Escalation
03.02.2018
Brendan Coles
Med.
systemd (systemd-tmpfiles) < 236 fs.protected_hardlinks=0 Local Privilege Escalation
31.01.2018
Michael Orlitzky
Med.
System Shield 5.0.0.136 Privilege Escalation
31.01.2018
Parvez Anwar
High
Arq 5.10 Local root Privilege Escalation
30.01.2018
m4rkw
Med.
HP Connected Backup 8.6/8.8.6 Local Privilege Escalation
23.01.2018
Peter Lapp
High
DarkComet (C2 Server) File Upload
22.01.2018
Pseudo Laboratories
High
glibc getcwd() Local Privilege Escalation
19.01.2018
halfdog
Med.
Docker Sudo Privilege Escalation
18.01.2018
Pype
High
Synology Photo Station 6.8.2-3461 SYNOPHOTO_Flickr_MultiUpload Race Condition File Write Remote Code Execution
16.01.2018
mr_me
High
D-Link DNS-325 ShareCenter 1.05B03 Shell Upload / Command Injection
15.01.2018
Phosphorus Cybersecuri...
High
Kaseya VSA 9.2 Shell Upload
15.01.2018
Kin Hung Cheng
High
phpCollab 2.5.1 Unauthenticated File Upload
12.01.2018
1oopho1e
High
Samsung SRN-1670D Web Viewer 1.0.0.193 Arbitrary File Read / Upload
11.01.2018
Omar Mezrag
Med.
Jungo Windriver 12.5.1 Privilege Escalation
11.01.2018
Fidus InfoSecurity
High
phpCollab 2.5.1 Unauthenticated File Upload
11.01.2018
Nick Marcoccio
Med.
WordPress CMS Tree Page View 1.4 CSRF / Privilege Escalation
09.01.2018
Panagiotis Vagenas
High
WordPress Plugin LearnDash 2.5.3 Arbitrary File Upload
08.01.2018
NinTechNet
High
WDMyCloud <= 2.30.165 Multiple Vulnerabilities
05.01.2018
GulfTech
Med.
Kingsoft Antivirus / Internet Security 9+ Privilege Escalation
04.01.2018
Steven
Med.
Linux Kernel < 4.4.0-83 / < 4.8.0-58 (Ubuntu 14.04 and 16.04) Local Privilege Escalation
03.01.2018
Andrey Konovalov
High
Chatting System PHP Ajax MySQL JavaScript 1.0 Shell Upload
31.12.2017
ShanoWeb
Med.
Ubiquiti UniFi Video 3.7.3 Local Privilege Escalation
26.12.2017
RCE
High
Monstra CMS 3.0.4 Remote Shell Upload
18.12.2017
Ishaq Mohammed
High
Western Digital MyCloud multi_uploadify File Upload
16.12.2017
Zenofex
High
Accesspress Anonymous Post Pro Unauthenticated Arbitrary File Upload
13.12.2017
Colette Chamberland
High
Vanguard 1.4 Arbitrary File Upload
12.12.2017
Ihsan Sencan
Med.
TeamCity 2017.1.5 Privilege Escalation
11.12.2017
Heliand Dema
High
Simple Chatting System 1.0.0 Arbitrary File Upload
09.12.2017
Ihsan Sencan
Med.
Proxifier For Mac 2.19 Local Privilege Escalation
07.12.2017
m4rkw
Med.
Hashicorp vagrant-vmware-fusion 5.0.3 Local Privilege Escalation
07.12.2017
Mark Wadham
Med.
Hashicorp vagrant-vmware-fusion 5.0.1 Local Privilege Escalation
07.12.2017
Mark Wadham
Med.
Murus 1.4.11 Local Privilege Escalation
07.12.2017
Mark Wadham
Med.
Perspective ICM Investigation And Case 5.1.1.16 Privilege Escalation
07.12.2017
Konstantinos.alexiou
High
Arq Backup 5.9.6 Local Root Privilege Escalation
06.12.2017
Mark Wadham
High
Arq Backup 5.9.7 Local Root Privilege Escalation
06.12.2017
Mark Wadham
Med.
Symantec Encryption Desktop And Endpoint Encryption Local Privilege Escalation
04.12.2017
kyREcon
Med.
Microsoft Windows 10 Creators Update 1703 WARBIRD NtQuerySystemInformation Kernel Local Privilege Escalation
30.11.2017
XPN
Med.
Mac OS X 10.13.1 Root Privilege Escalation
30.11.2017
Anonymous
High
CSC Cart 4.6.2 Shell Upload
26.11.2017
oric one
Med.
Scala 2.x Privilege Escalation
15.11.2017
Jason Zaugg
Med.
IKARUS AntiVirus 2.16.7 Privilege Escalation
14.11.2017
Parvez Anwar
Med.
Linux Kernel 4.13 (Ubuntu 17.10) waitid() SMEP/SMAP Privilege Escalation
08.11.2017
Chris Salls
Med.
Linux Kernel 4.1.3 (Ubuntu 17.10) waitid() SMEP/SMAP Privilege Escalation
08.11.2017
Chris Salls
Med.
Splunk 6.6.x Local Privilege Escalation
04.11.2017
Hank Leininger
Med.
Vir.IT eXplorer Anti-Virus Privilege Escalation
03.11.2017
Parvez Anwa
Med.
MitraStar DSL-100HN-T1/GPT-2541GNAC Privilege Escalation
01.11.2017
j0lama
Med.
Bomgar Remote Support Local Privilege Escalation
27.10.2017
Robert Wessen
High
osTicket 1.10.1 Shell Upload
25.10.2017
Rajwinder Singh*
Med.
Sophos UTM 9 loginuser Privilege Escalation Via Insecure Directory Permissions
25.10.2017
Matt Bergin
Med.
Sonicwall WXA5000 1.3.2-10-30 Console Jail Escape / Privilege Escalation
25.10.2017
Matt Bergin
High
Hashicorp vagrant-vmware-fusion 4.0.24 Local Root Privilege Escalation
22.10.2017
Anonymous
Med.
Tomcat Remote Code Execution via JSP Upload Bypass
19.10.2017
peewpw
High
Afian AB FileRun 2017.03.18 CSRF / Shell Upload / XSS / Redirection
18.10.2017
SEC Consult
Med.
Opentext Documentum Content Server File Hijack / Privilege Escalation
15.10.2017
Andrey B. Panfilov
High
Opentext Documentum Content Server Privilege Escalation
15.10.2017
Andrey B. Panfilov
High
Tomcat JSP Upload Bypass Remote Code Execution
12.10.2017
peewpw
High
Apache Tomcat Upload Bypass / Remote Code Execution
11.10.2017
intx0x80
Med.
Unitrends UEB 9.1 Privilege Escalation
06.10.2017
Multiple
High
Apache Tomcat JSP Upload Bypass / Remote Code Execution
05.10.2017
xxlegend
High
phpCollab 2.5.1 Arbitrary File Upload
03.10.2017
Sysdream
High
Ingenious School Management System 2.3.0 Arbitrary File Upload
01.10.2017
Ihsan Sencan
High
iStock Management System 1.0 Arbitrary File Upload
01.10.2017
Ihsan Sencan
High
PhpCollab 2.5.1 Shell Upload
30.09.2017
SYSDREAM
Med.
UCOPIA Wireless Appliance Privilege Escalation
30.09.2017
SYSDREAM
High
AMC Master Arbitrary File Upload
28.09.2017
Ihsan Sencan
High
Claydip Airbnb Clone 1.0 Arbitrary File Upload
25.09.2017
Ihsan Sencan
High
DlxSpot Shell Upload
21.09.2017
Simon Brannstrom
Med.
Netdecision 5.8.2 Local Privilege Escalation
18.09.2017
Peter Baris
Med.
D-Link DIR8xx Router Firmware Upload
15.09.2017
embedi
High
Aerohive Networks HiveManager Remote Shell Upload
10.09.2017
Sandro Zaccarini


CVEMAP Search Results

CVE
Details
Description
2018-04-05
Medium
CVE-2016-8482

Vendor: Google
Software: Android
 

 
An elevation of privilege vulnerability in the NVIDIA GPU driver. Product: Android. Versions: Android kernel. Android ID: A-31799863. References: N-CVE-2016-8482.

 
Medium
CVE-2017-0431

Vendor: Google
Software: Android
 

 
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-32573899.

 
Medium
CVE-2017-0744

Vendor: Google
Software: Android
 

 
An elevation of privilege vulnerability in the NVIDIA firmware processing code. Product: Android. Versions: Android kernel. Android ID: A-34112726. References: N-CVE-2017-0744.

 
Medium
CVE-2017-0751

Vendor: Google
Software: Android
 

 
An elevation of privilege vulnerability in the Qualcomm QCE driver. Product: Android. Versions: Android kernel. Android ID: A-36591162. References: QC-CR#2045061.

 
2018-03-26
Medium
CVE-2018-5454

Vendor: Philips
Software: Intellispace...
 

 
Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability where code debugging methods are enabled, which could allow an attacker to remotely execute arbitrary code during runtime.

 
Medium
CVE-2018-5468

Vendor: Philips
Software: Intellispace...
 

 
Philips Intellispace Portal all versions 7.0.x and 8.0.x have a remote desktop access vulnerability that could allow an attacker to gain unauthorized access and in some cases escalate their level of privilege or execute arbitrary code

 
Medium
CVE-2018-5472

Vendor: Philips
Software: Intellispace...
 

 
Philips Intellispace Portal all versions 7.0.x and 8.0.x have an insecure windows permissions vulnerability that could allow an attacker to gain unauthorized access and in some cases escalate their level of privilege or execute arbitrary code.

 
Medium
CVE-2018-1203

Updating...
 

 
In Dell EMC Isilon OneFS, the compadmin is able to run tcpdump binary with root privileges. In versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, the tcpdump binary, being run with sudo, may potentially be used by compadmin to execute arbitrary code with root privileges.

 
2018-03-23
Medium
CVE-2017-17736

Updating...
 

 
Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48 allows remote attackers to obtain Global Administrator access by visiting CMSInstall/install.aspx and then navigating to the CMS Administration Dashboard.

 
2018-03-22
Low
CVE-2018-1448

Vendor: IBM
Software: DB2
 

 
IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. IBM X-Force ID: 140043.

 

 


Copyright 2018, cxsecurity.com

 

Back to Top