| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
251 |
CVE-2014-4450 |
255 |
|
|
2014-10-22 |
2017-08-29 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The QuickType feature in the Keyboards subsystem in Apple iOS before 8.1 collects typing-prediction data from fields with an off autocomplete attribute, which makes it easier for attackers to discover credentials by reading credential values within unintended DOM input elements. |
|
252 |
CVE-2014-4652 |
362 |
|
+Info |
2014-07-03 |
2020-08-14 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Race condition in the tlv handler functionality in the snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allows local users to obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access. |
|
253 |
CVE-2014-4822 |
255 |
|
|
2014-10-19 |
2017-08-29 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
IBM WebSphere MQ classes for Java libraries 8.0 before 8.0.0.1 and Websphere MQ Explorer 7.5 before 7.5.0.5 and 8.0 before 8.0.0.2 allow local users to discover preconfigured cleartext passwords via an unspecified trace operation. |
|
254 |
CVE-2014-4995 |
200 |
|
+Info |
2018-01-10 |
2018-01-30 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to obtain sensitive information by reading the MySQL root password from a temporary file before it is removed. |
|
255 |
CVE-2014-5030 |
59 |
|
|
2014-07-29 |
2017-01-07 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py. |
|
256 |
CVE-2014-5036 |
200 |
|
+Info |
2014-09-05 |
2014-09-08 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The Storage Controller (SC) component in Eucalyptus 3.4.2 through 4.0.x before 4.0.1, when Dell Equallogic SAN is used, logs the CHAP user credentials, which allows local users to obtain sensitive information by reading the logs. |
|
257 |
CVE-2014-5232 |
264 |
|
Bypass |
2015-01-14 |
2015-11-13 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows local users to bypass an intended application-password requirement by leveraging the running of the app in the background state. |
|
258 |
CVE-2014-5233 |
200 |
|
+Info |
2015-01-14 |
2015-11-13 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows physically proximate attackers to discover Sm@rtServer credentials by leveraging an error in the credential-processing mechanism. |
|
259 |
CVE-2014-5423 |
255 |
|
+Info |
2014-10-19 |
2014-10-22 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0.16 allows local users to obtain potentially sensitive information by reading a temporary (1) debugging file or (2) developer file. |
|
260 |
CVE-2014-6146 |
200 |
|
+Info |
2014-11-08 |
2017-09-08 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
IBM Sterling B2B Integrator 5.2.x through 5.2.4, when the Connect:Direct Server Adapter is configured, does not properly process the logging configuration, which allows local users to obtain sensitive information by reading log files. |
|
261 |
CVE-2014-6195 |
284 |
|
Bypass |
2015-02-14 |
2017-09-08 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
The (1) Java GUI and (2) Web GUI components in the IBM Tivoli Storage Manager (TSM) Backup-Archive client 5.4 and 5.5 before 5.5.4.4 on AIX, Linux, and Solaris; 5.4.x and 5.5.x on Windows and z/OS; 6.1 before 6.1.5.7 on z/OS; 6.1 and 6.2 before 6.2.5.2 on Windows, before 6.2.5.3 on AIX and Linux x86, and before 6.2.5.4 on Linux Z and Solaris; 6.3 before 6.3.2.1 on AIX, before 6.3.2.2 on Windows, and before 6.3.2.3 on Linux; 6.4 before 6.4.2.1; and 7.1 before 7.1.1 in IBM TSM for Mail, when the Data Protection for Lotus Domino component is used, allow local users to bypass authentication and restore a Domino database or transaction-log backup via unspecified vectors. |
|
262 |
CVE-2014-6540 |
|
|
|
2014-10-15 |
2014-11-19 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.34, before 4.2.26, and before 4.3.14 allows local users to affect availability via vectors related to Graphics driver (WDDM) for Windows guests. |
|
263 |
CVE-2014-7170 |
362 |
|
+Info |
2014-12-17 |
2019-07-11 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Race condition in Puppet Server 0.2.0 allows local users to obtain sensitive information by accessing it in between package installation or upgrade and the start of the service. |
|
264 |
CVE-2014-8134 |
|
|
Bypass |
2014-12-12 |
2020-08-14 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value. |
|
265 |
CVE-2014-8178 |
20 |
|
|
2019-12-17 |
2019-12-30 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identifier to store image layers, which makes it easier for attackers to poison the image cache via a crafted image in pull or push commands. |
|
266 |
CVE-2014-8595 |
17 |
|
DoS +Priv |
2014-11-19 |
2018-10-30 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not properly check privileges, which allows local HVM guest users to gain privileges or cause a denial of service (crash) via a crafted (1) CALL, (2) JMP, (3) RETF, (4) LCALL, (5) LJMP, or (6) LRET far branch instruction. |
|
267 |
CVE-2014-8923 |
200 |
|
+Info |
2015-03-25 |
2016-08-31 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The (1) IBM Tivoli Identity Manager Active Directory adapter before 5.1.24 and (2) IBM Security Identity Manager Active Directory adapter before 6.0.14 for IBM Security Identity Manager on Windows, when certain log and trace levels are configured, store the cleartext administrator password in a log file, which allows local users to obtain sensitive information by reading a file. |
|
268 |
CVE-2014-9415 |
20 |
|
DoS |
2014-12-24 |
2019-05-20 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted QES file. |
|
269 |
CVE-2015-0001 |
264 |
|
Bypass |
2015-01-13 |
2018-10-12 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The Windows Error Reporting (WER) component in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to bypass the Protected Process Light protection mechanism and read the contents of arbitrary process-memory locations by leveraging administrative privileges, aka "Windows Error Reporting Security Feature Bypass Vulnerability." |
|
270 |
CVE-2015-0010 |
310 |
|
Bypass |
2015-02-11 |
2019-05-15 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The CryptProtectMemory function in cng.sys (aka the Cryptography Next Generation driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1, when the CRYPTPROTECTMEMORY_SAME_LOGON option is used, does not check an impersonation token's level, which allows local users to bypass intended decryption restrictions by leveraging a service that (1) has a named-pipe planting vulnerability or (2) uses world-readable shared memory for encrypted data, aka "CNG Security Feature Bypass Vulnerability" or MSRC ID 20707. |
|
271 |
CVE-2015-0245 |
362 |
|
DoS |
2015-02-13 |
2018-10-30 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
D-Bus 1.4.x through 1.6.x before 1.6.30, 1.8.x before 1.8.16, and 1.9.x before 1.9.10 does not validate the source of ActivationFailure signals, which allows local users to cause a denial of service (activation failure error returned) by leveraging a race condition involving sending an ActivationFailure signal before systemd responds. |
|
272 |
CVE-2015-0413 |
|
|
|
2015-01-21 |
2022-05-13 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
Unspecified vulnerability in Oracle Java SE 7u72 and 8u25 allows local users to affect integrity via unknown vectors related to Serviceability. |
|
273 |
CVE-2015-0430 |
|
|
|
2015-01-21 |
2017-09-08 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality via vectors related to RPC Utility. |
|
274 |
CVE-2015-1064 |
200 |
|
Bypass +Info |
2015-03-12 |
2015-09-11 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Springboard in Apple iOS before 8.2 allows physically proximate attackers to bypass an intended activation requirement and read the home screen by leveraging an application crash during the activation process. |
|
275 |
CVE-2015-1085 |
264 |
|
|
2015-04-10 |
2017-01-03 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
AppleKeyStore in Apple iOS before 8.3 does not properly restrict a certain passcode-confirmation interface, which makes it easier for attackers to verify correct passcode guesses via a crafted app. |
|
276 |
CVE-2015-1094 |
200 |
|
+Info |
2015-04-10 |
2019-03-08 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
IOAcceleratorFamily in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. |
|
277 |
CVE-2015-1096 |
200 |
|
+Info |
2015-04-10 |
2019-03-08 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. |
|
278 |
CVE-2015-1097 |
200 |
|
+Info |
2015-04-10 |
2019-03-08 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
IOMobileFramebuffer in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. |
|
279 |
CVE-2015-1107 |
|
|
|
2015-04-10 |
2017-01-03 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
The Lock Screen component in Apple iOS before 8.3 does not properly implement the erasure feature for incorrect passcode-authentication attempts, which makes it easier for physically proximate attackers to obtain access by making many passcode guesses. |
|
280 |
CVE-2015-1113 |
200 |
|
+Info |
2015-04-10 |
2017-01-03 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The Sandbox Profiles component in Apple iOS before 8.3 allows attackers to read the (1) telephone number or (2) e-mail address of a recent contact via a crafted app. |
|
281 |
CVE-2015-1114 |
200 |
|
+Info |
2015-04-10 |
2019-03-08 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The Sandbox Profiles component in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to discover hardware identifiers via a crafted app. |
|
282 |
CVE-2015-1145 |
310 |
|
Bypass |
2015-04-10 |
2019-01-31 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1146. |
|
283 |
CVE-2015-1146 |
310 |
|
Bypass |
2015-04-10 |
2019-01-31 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1145. |
|
284 |
CVE-2015-1197 |
|
|
|
2015-02-19 |
2016-12-06 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive. |
|
285 |
CVE-2015-1420 |
362 |
|
Bypass |
2015-03-16 |
2016-12-28 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function. |
|
286 |
CVE-2015-1681 |
119 |
|
DoS Overflow |
2015-05-13 |
2019-05-14 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to cause a denial of service via a crafted .msc file, aka "Microsoft Management Console File Format Denial of Service Vulnerability." |
|
287 |
CVE-2015-1901 |
200 |
|
+Info |
2015-06-28 |
2016-11-30 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The installer in IBM InfoSphere Information Server 8.5 through 11.3 before 11.3.1.2 allows local users to obtain sensitive information via unspecified commands. |
|
288 |
CVE-2015-1985 |
284 |
|
Bypass |
2016-01-03 |
2016-01-07 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The queue manager on IBM MQ M2000 appliances before 8.0.0.4 allows local users to bypass an intended password requirement and read private keys by leveraging the existence of a stash file. |
|
289 |
CVE-2015-2152 |
264 |
|
|
2015-03-18 |
2018-10-30 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
Xen 4.5.x and earlier enables certain default backends when emulating a VGA device for an x86 HVM guest qemu even when the configuration disables them, which allows local guest users to obtain access to the VGA console by (1) setting the DISPLAY environment variable, when compiled with SDL support, or connecting to the VNC server on (2) ::1 or (3) 127.0.0.1, when not compiled with SDL support. |
|
290 |
CVE-2015-2534 |
284 |
|
Bypass |
2015-09-09 |
2019-05-14 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 improperly processes ACL settings, which allows local users to bypass intended network-traffic restrictions via a crafted application, aka "Hyper-V Security Feature Bypass Vulnerability." |
|
291 |
CVE-2015-2580 |
|
|
|
2015-07-16 |
2017-09-22 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to NFSv4. |
|
292 |
CVE-2015-2662 |
|
|
|
2015-07-16 |
2017-09-22 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to DHCP Server. |
|
293 |
CVE-2015-2687 |
284 |
|
|
2017-08-09 |
2017-08-24 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
OpenStack Compute (nova) Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for. |
|
294 |
CVE-2015-2830 |
264 |
|
Bypass |
2015-05-27 |
2018-01-05 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrated by an attack against seccomp before 3.16. |
|
295 |
CVE-2015-3142 |
200 |
|
+Info |
2017-06-26 |
2018-01-05 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The kernel-invoked coredump processor in Automatic Bug Reporting Tool (ABRT) does not properly check the ownership of files before writing core dumps to them, which allows local users to obtain sensitive information by leveraging write permissions to the working directory of a crashed application. |
|
296 |
CVE-2015-3785 |
|
|
Bypass |
2015-10-09 |
2016-12-08 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
The Telephony component in Apple OS X before 10.11, when the Continuity feature is enabled, allows local users to bypass intended telephone-call restrictions via unspecified vectors. |
|
297 |
CVE-2015-4037 |
17 |
|
DoS |
2015-08-26 |
2016-12-24 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program. |
|
298 |
CVE-2015-4766 |
|
|
|
2015-10-21 |
2016-12-24 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows local users to affect availability via unknown vectors related to Server : Security : Firewall. |
|
299 |
CVE-2015-4808 |
|
|
|
2016-01-21 |
2017-09-10 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via vectors related to Outside In Filters, a different vulnerability than CVE-2015-6013, CVE-2015-6014, CVE-2015-6015, and CVE-2016-0432. |
|
300 |
CVE-2015-4990 |
200 |
|
+Info |
2016-01-02 |
2016-01-06 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The portal in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 before 8.8.0.9026, 9.0.0, 9.0.0A, 9.0.1 before 9.0.1.1083, 9.0.1A before 9.0.1.5073, 9.0.2 before 9.0.2.1095, and 9.0.2A before 9.0.2.5144 allows local users to discover credentials by leveraging privileges during an unspecified connection type. |
