CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2018(Gain Privilege)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2013-0267 264 DoS +Priv XSS 2018-02-21 2019-07-29
6.5
None Remote Low ??? Partial Partial Partial
The Privileges portion of the web GUI and the XMLRPC API in Apache VCL 2.3.x before 2.3.2, 2.2.x before 2.2.2 and 2.1 allow remote authenticated users with nodeAdmin, manageGroup, resourceGrant, or userGrant permissions to gain privileges, cause a denial of service, or conduct cross-site scripting (XSS) attacks by leveraging improper data validation.
2 CVE-2013-3024 264 +Priv 2018-05-24 2018-06-25
7.2
None Local Low Not required Complete Complete Complete
IBM WebSphere Application Server (WAS) 8.5 through 8.5.0.2 on UNIX allows local users to gain privileges by leveraging improper process initialization. IBM X-Force ID: 84362.
3 CVE-2013-3947 264 Overflow +Priv 2018-04-24 2018-06-04
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in MedCoreD.sys in AhnLab V3 Internet Security 8.0.7.5 (Build 1373) allows local users to gain privileges via a crafted 0xA3350014 IOCTL call.
4 CVE-2013-6876 264 +Priv 2018-04-06 2018-10-09
7.2
None Local Low Not required Complete Complete Complete
The (1) pty_init_terminal and (2) pipe_init_terminal functions in main.c in s3dvt 0.2.2 and earlier allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: this vulnerability was fixed with commit ad732f00b411b092c66a04c359da0f16ec3b387, but the version number was not changed.
5 CVE-2014-0087 264 +Priv Bypass 2018-01-11 2018-12-18
6.5
None Remote Low ??? Partial Partial Partial
The check_privileges method in vmdb/app/controllers/application_controller.rb in ManageIQ, as used in Red Hat CloudForms Management Engine (CFME), allows remote authenticated users to bypass authorization and gain privileges by leveraging improper RBAC checking, related to the rbac_user_edit action.
6 CVE-2014-1215 119 Overflow +Priv 2018-03-20 2018-10-09
4.6
None Local Low Not required Partial Partial Partial
Multiple buffer overflows in Core FTP Server before 1.2 build 508 allow local users to gain privileges via vectors related to reading data from config.dat and Windows Registry.
7 CVE-2014-1226 264 +Priv 2018-04-06 2018-10-09
7.2
None Local Low Not required Complete Complete Complete
The pipe_init_terminal function in main.c in s3dvt allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: This vulnerability exists because of an incomplete fix for CVE-2013-6876.
8 CVE-2014-1845 264 +Priv 2018-04-27 2018-06-07
4.6
None Local Low Not required Partial Partial Partial
An unspecified setuid root helper in Enlightenment before 0.17.6 allows local users to gain privileges by leveraging failure to properly sanitize the environment.
9 CVE-2014-1846 264 +Priv 2018-04-27 2018-06-07
4.6
None Local Low Not required Partial Partial Partial
Enlightenment before 0.17.6 might allow local users to gain privileges via vectors involving the gdb method.
10 CVE-2014-2071 264 +Priv 2018-01-08 2018-01-31
4.9
None Local Network Medium ??? Partial Partial Partial
Aruba Networks ClearPass Policy Manager 6.1.x, 6.2.x before 6.2.5.61640 and 6.3.x before 6.3.0.61712, when configured to use tunneled and non-tunneled EAP methods in a single policy construct, allows remote authenticated users to gain privileges by advertising independent inner and outer identities within a tunneled EAP method.
11 CVE-2014-5003 20 +Priv 2018-01-10 2018-01-30
2.1
None Local Low Not required None Partial None
chef/travis-cookbooks/ci_environment/perlbrew/recipes/default.rb in the ciborg gem 3.0.0 for Ruby allows local users to write to arbitrary files and gain privileges via a symlink attack on /tmp/perlbrew-installer.
12 CVE-2014-5070 264 +Priv 2018-01-11 2021-09-13
6.5
None Remote Low ??? Partial Partial Partial
Symmetricom s350i 2.70.15 allows remote authenticated users to gain privileges via vectors related to pushing unauthenticated users to the login page.
13 CVE-2014-5279 284 Exec Code +Priv 2018-02-06 2019-04-29
9.0
None Remote Low ??? Complete Complete Complete
The Docker daemon managed by boot2docker 1.2 and earlier improperly enables unauthenticated TCP connections by default, which makes it easier for remote attackers to gain privileges or execute arbitrary code from children containers.
14 CVE-2014-5334 254 +Priv 2018-01-08 2018-01-29
10.0
None Remote Low Not required Complete Complete Complete
FreeNAS before 9.3-M3 has a blank admin password, which allows remote attackers to gain root privileges by leveraging a WebGui login.
15 CVE-2014-5443 264 +Priv 2018-03-19 2018-04-20
4.6
None Local Low Not required Partial Partial Partial
Seafile Server before 3.1.2 and Server Professional Edition before 3.1.0 allow local users to gain privileges via vectors related to ccnet handling user accounts.
16 CVE-2014-7272 264 +Priv 2018-03-08 2018-03-27
7.2
None Local Low Not required Complete Complete Complete
Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance (exploitation requires the user to win a race condition in the ~/.Xauthority chown case, but not other cases).
17 CVE-2014-8421 264 +Priv 2018-04-12 2021-09-09
8.5
None Remote Medium ??? Complete Complete Complete
Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow remote attackers to gain super-user privileges by leveraging SSH access and incorrect ownership of (1) ConfigureCoreFile.sh, (2) Traceroute.sh, (3) apps.sh, (4) conversion_java2native.sh, (5) coreCompression.sh, (6) deletePasswd.sh, (7) findHealthSvcFDs.sh, (8) fw_printenv.sh, (9) fw_setenv.sh, (10) hw_wd_kicker.sh, (11) new_rootfs.sh, (12) opera_killSnmpd.sh, (13) opera_startSnmpd.sh, (14) rebootOperaSoftware.sh, (15) removeLogFiles.sh, (16) runOperaServices.sh, (17) setPasswd.sh, (18) startAccTestSvcs.sh, (19) usbNotification.sh, or (20) appWeb in /Opera_Deploy.
18 CVE-2015-1862 362 +Priv 2018-02-09 2018-03-08
6.9
None Local Medium Not required Complete Complete Complete
The crash reporting feature in Abrt allows local users to gain privileges by leveraging an execve by root after a chroot into a user-specified directory in a namedspaced environment.
19 CVE-2015-1975 74 +Priv 2018-04-03 2018-05-10
4.6
None Local Low Not required Partial Partial Partial
The web administration tool in IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iFix 68, 6.2 before iFix 44, and 6.3 before iFix 37 and IBM Security Directory Server 6.3.1 before iFix 11 and 6.4 before iFix 2 allows local users to gain privileges via vectors related to argument injection. IBM X-Force ID: 103694.
20 CVE-2015-7440 264 +Priv 2018-03-15 2018-04-11
4.6
None Local Low Not required Partial Partial Partial
IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 might allow local users to gain privileges via unspecified vectors. IBM X-Force ID: 108098.
21 CVE-2015-7596 264 +Priv 2018-03-02 2018-03-17
4.6
None Local Low Not required Partial Partial Partial
SafeNet Authentication Service End User Software Tools for Windows uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.
22 CVE-2015-7597 264 +Priv 2018-03-02 2018-03-17
4.6
None Local Low Not required Partial Partial Partial
SafeNet Authentication Service IIS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.
23 CVE-2015-7598 264 +Priv 2018-03-02 2018-03-17
4.6
None Local Low Not required Partial Partial Partial
SafeNet Authentication Service TokenValidator Proxy Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.
24 CVE-2015-7961 264 +Priv 2018-03-02 2018-03-17
4.6
None Local Low Not required Partial Partial Partial
SafeNet Authentication Service Remote Web Workplace Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.
25 CVE-2015-7962 264 +Priv 2018-03-02 2018-03-17
4.6
None Local Low Not required Partial Partial Partial
SafeNet Authentication Service for Outlook Web App Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.
26 CVE-2015-7963 264 +Priv 2018-03-02 2018-03-17
4.6
None Local Low Not required Partial Partial Partial
SafeNet Authentication Service for AD FS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.
27 CVE-2015-7964 264 +Priv 2018-03-02 2018-03-17
4.6
None Local Low Not required Partial Partial Partial
SafeNet Authentication Service for NPS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.
28 CVE-2015-7965 264 +Priv 2018-03-02 2018-03-17
4.6
None Local Low Not required Partial Partial Partial
SafeNet Authentication Service Windows Logon Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module, a different vulnerability than CVE-2015-7966.
29 CVE-2015-7966 264 +Priv 2018-03-02 2018-03-17
4.6
None Local Low Not required Partial Partial Partial
SafeNet Authentication Service Windows Logon Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module, a different vulnerability than CVE-2015-7965.
30 CVE-2015-7967 264 +Priv 2018-03-02 2018-03-17
4.6
None Local Low Not required Partial Partial Partial
SafeNet Authentication Service for Citrix Web Interface Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.
31 CVE-2015-9266 22 +Priv Dir. Trav. 2018-09-05 2021-08-12
10.0
None Remote Low Not required Complete Complete Complete
The web management interface of Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP (formerly TOUGHSwitch) allows an unauthenticated attacker to upload and write arbitrary files using directory traversal techniques. An attacker can exploit this vulnerability to gain root privileges. This vulnerability is fixed in the following product versions (fixes released in July 2015, all prior versions are affected): airMAX AC 7.1.3; airMAX M (and airRouter) 5.6.2 XM/XW/TI, 5.5.11 XM/TI, and 5.5.10u2 XW; airGateway 1.1.5; airFiber AF24/AF24HD 2.2.1, AF5x 3.0.2.1, and AF5 2.2.1; airOS 4 XS2/XS5 4.0.4; and EdgeSwitch XP (formerly TOUGHSwitch) 1.3.2.
32 CVE-2016-0327 264 +Priv 2018-01-12 2018-01-29
4.6
None Local Low Not required Partial Partial Partial
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows local users to gain administrator privileges via unspecified vectors. IBM X-Force ID: 111643.
33 CVE-2016-5345 119 Overflow +Priv 2018-01-23 2018-02-12
6.9
None Local Medium Not required Complete Complete Complete
Buffer overflow in the Qualcomm radio driver in Android before 2017-01-05 on Android One devices allows local users to gain privileges via a crafted application, aka Android internal bug 32639452 and Qualcomm internal bug CR1079713.
34 CVE-2016-6552 255 +Priv 2018-07-13 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
Green Packet DX-350 uses non-random default credentials of: root:wimax. A remote network attacker can gain privileged access to a vulnerable device.
35 CVE-2016-6553 255 +Priv 2018-07-13 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
Nuuo NT-4040 Titan, firmware NT-4040_01.07.0000.0015_1120, uses non-random default credentials of: admin:admin and localdisplay:111111. A remote network attacker can gain privileged access to a vulnerable device.
36 CVE-2016-6554 255 +Priv 2018-07-13 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
Synology NAS servers DS107, firmware version 3.1-1639 and prior, and DS116, DS213, firmware versions prior to 5.2-5644-1, use non-random default credentials of: guest:(blank) and admin:(blank) . A remote network attacker can gain privileged access to a vulnerable device.
37 CVE-2016-7035 285 +Priv 2018-09-10 2019-10-09
7.2
None Local Low Not required Complete Complete Complete
An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine.
38 CVE-2016-7070 264 +Priv 2018-09-11 2019-10-09
5.2
None Local Network Low ??? Partial Partial Partial
A privilege escalation flaw was found in the Ansible Tower. When Tower before 3.0.3 deploys a PostgreSQL database, it incorrectly configures the trust level of postgres user. An attacker could use this vulnerability to gain admin level access to the database.
39 CVE-2016-9093 20 DoS +Priv 2018-04-16 2018-05-23
6.9
None Local Medium Not required Complete Complete Complete
A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input. SEP 14.0 and later are not impacted by this issue. A non-admin user would need to be able to save an executable file to disk and then be able to successfully run that file. If properly constructed, the file could access the driver interface and potentially manipulate certain system calls. On all 32-bit systems and in most cases on 64-bit systems, this will result in a denial of service that will crash the system. In very narrow circumstances, and on 64-bit systems only, this could allow the user to run arbitrary code on the local machine with kernel-level privileges. This could result in a non-privileged user gaining privileged access on the local machine.
40 CVE-2016-9498 502 Exec Code +Priv 2018-07-13 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
ManageEngine Applications Manager 12 and 13 before build 13200, allows unserialization of unsafe Java objects. The vulnerability can be exploited by remote user without authentication and it allows to execute remote code compromising the application as well as the operating system. As Application Manager's RMI registry is running with privileges of system administrator, by exploiting this vulnerability an attacker gains highest privileges on the underlying operating system.
41 CVE-2017-0933 352 +Priv CSRF 2018-03-22 2019-10-09
8.5
None Remote Medium ??? Complete Complete Complete
Ubiquiti Networks EdgeOS version 1.9.1 and prior suffer from a Cross-Site Request Forgery (CSRF) vulnerability. An attacker with access to an operator (read-only) account could lure an admin (root) user to access the attacker-controlled page, allowing the attacker to gain admin privileges in the system.
42 CVE-2017-1714 +Priv 2018-02-13 2019-10-03
7.2
None Local Low Not required Complete Complete Complete
IBM Notes and Domino NSD 8.5 and 9.0 could allow an authenticated local user without administrative privileges to gain System privilege. IBM X-Force ID: 134633.
43 CVE-2017-1731 +Priv 2018-01-30 2019-10-03
6.5
None Remote Low ??? Partial Partial Partial
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected security when using the Administrative Console. An authenticated remote attacker could exploit this vulnerability to possibly gain elevated privileges.
44 CVE-2017-2663 +Priv 2018-07-27 2019-10-09
4.6
None Local Low Not required Partial Partial Partial
It was found that subscription-manager's DBus interface before 1.19.4 let unprivileged user access the com.redhat.RHSM1.Facts.GetFacts and com.redhat.RHSM1.Config.Set methods. An unprivileged local attacker could use these methods to gain access to private information, or launch a privilege escalation attack.
45 CVE-2017-3183 863 +Priv 2018-07-24 2019-10-09
6.5
None Remote Low ??? Partial Partial Partial
Sage XRT Treasury, version 3, fails to properly restrict database access to authorized users, which may enable any authenticated user to gain full access to privileged database functions. Sage XRT Treasury is a business finance management application. Database user access privileges are determined by the USER_CODE field associated with the querying user. By modifying the USER_CODE value to match that of a privileged user, a low-privileged, authenticated user may gain privileged access to the SQL database. A remote, authenticated user can submit specially crafted SQL queries to gain privileged access to the application database.
46 CVE-2017-3960 +Priv 2018-06-12 2019-10-09
6.5
None Remote Low ??? Partial Partial Partial
Exploitation of Authorization vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows authenticated users to gain elevated privileges via a crafted HTTP request parameter.
47 CVE-2017-5802 +Priv 2018-02-15 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
A Remote Gain Privileged Access vulnerability in HPE Vertica Analytics Platform version v4.1 and later was found.
48 CVE-2017-7500 59 +Priv 2018-08-13 2019-10-09
7.2
None Local Low Not required Complete Complete Complete
It was found that rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and permissions of an arbitrary directory, and RPM files being placed in an arbitrary destination. An attacker, with write access to a directory in which a subdirectory will be installed, could redirect that directory to an arbitrary location and gain root privilege.
49 CVE-2017-7637 78 +Priv 2018-06-05 2018-07-12
10.0
None Remote Low Not required Complete Complete Complete
QNAP NAS application Proxy Server through version 1.2.0 allows remote attackers to run arbitrary OS commands against the system with root privileges.
50 CVE-2017-7640 78 +Priv 2018-03-08 2018-03-27
10.0
None Remote Low Not required Complete Complete Complete
QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier allows remote attackers to run arbitrary OS commands against the system with root privileges.
Total number of vulnerabilities : 247   Page : 1 (This Page)2 3 4 5
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.