Total
5464 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-6028 | 1 Ibm | 1 Rational Collaborative Lifecycle Management | 2025-04-20 | N/A |
| IBM Jazz technology based products might allow an attacker to view work item titles that they do not have privilege to view. | ||||
| CVE-2016-4340 | 1 Gitlab | 1 Gitlab | 2025-04-20 | N/A |
| The impersonate feature in Gitlab 8.7.0, 8.6.0 through 8.6.7, 8.5.0 through 8.5.11, 8.4.0 through 8.4.9, 8.3.0 through 8.3.8, and 8.2.0 through 8.2.4 allows remote authenticated users to "log in" as any other user via unspecified vectors. | ||||
| CVE-2016-4435 | 1 Pivotal | 1 Bosh Stemcell | 2025-04-20 | N/A |
| An endpoint of the Agent running on the BOSH Director VM with stemcell versions prior to 3232.6 and 3146.13 may allow unauthenticated clients to read or write blobs or cause a denial of service attack on the Director VM. This vulnerability requires that the unauthenticated clients guess or find a URL matching an existing GUID. | ||||
| CVE-2016-4455 | 1 Redhat | 6 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 3 more | 2025-04-20 | 3.3 Low |
| The Subscription Manager package (aka subscription-manager) before 1.17.7-1 for Candlepin uses weak permissions (755) for subscription-manager cache directories, which allows local users to obtain sensitive information by reading files in the directories. | ||||
| CVE-2016-4471 | 1 Redhat | 2 Cloudforms, Cloudforms Managementengine | 2025-04-20 | N/A |
| ManageIQ in CloudForms before 4.1 allows remote authenticated users to execute arbitrary code. | ||||
| CVE-2016-4617 | 1 Apple | 1 Mac Os X | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. macOS before 10.12 is affected. The issue involves a sandbox escape related to launchctl process spawning in the "libxpc" component. | ||||
| CVE-2016-4675 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "libxpc" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app. | ||||
| CVE-2016-4686 | 1 Apple | 1 Iphone Os | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.1 is affected. The issue involves the "Contacts" component, which does not prevent an app's Address Book access after access revocation. | ||||
| CVE-2016-4889 | 1 Zohocorp | 1 Servicedesk Plus | 2025-04-20 | N/A |
| ZOHO ManageEngine ServiceDesk Plus before 9.0 allows remote authenticated guest users to have unspecified impact by leveraging failure to restrict access to unknown functions. | ||||
| CVE-2016-4896 | 1 Setucocms Project | 1 Setucocms | 2025-04-20 | N/A |
| SetsucoCMS all versions does not properly manage sessions, which allows remote attackers to disclose or alter unauthorized information via unspecified vectors. | ||||
| CVE-2016-4043 | 1 Plone | 1 Plone | 2025-04-20 | N/A |
| Chameleon (five.pt) in Plone 5.0rc1 through 5.1a1 allows remote authenticated users to bypass Restricted Python by leveraging permissions to create or edit templates. | ||||
| CVE-2016-1597 | 1 Netiq | 1 Access Governance Suite | 2025-04-20 | N/A |
| A logged-in user in NetIQ Access Governance Suite 6.0 through 6.4 could escalate privileges to administrator. | ||||
| CVE-2016-1876 | 1 Lenovo | 1 Solution Center | 2025-04-20 | N/A |
| The backend service process in Lenovo Solution Center (aka LSC) before 3.3.0002 allows local users to gain SYSTEM privileges via unspecified vectors. | ||||
| CVE-2016-1880 | 1 Freebsd | 1 Freebsd | 2025-04-20 | N/A |
| The Linux compatibility layer in the kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to read portions of kernel memory and potentially gain privilege via unspecified vectors, related to "handling of Linux futex robust lists." | ||||
| CVE-2016-1881 | 1 Freebsd | 1 Freebsd | 2025-04-20 | N/A |
| The kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to cause a denial of service (crash) or potentially gain privilege via a crafted Linux compatibility layer setgroups system call. | ||||
| CVE-2016-2779 | 1 Kernel | 1 Util-linux | 2025-04-20 | N/A |
| runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. | ||||
| CVE-2016-2959 | 1 Ibm | 1 Sametime | 2025-04-20 | N/A |
| IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting room manager to remove the primary managers privileges. IBM X-Force ID: 113804. | ||||
| CVE-2016-3051 | 1 Ibm | 1 Security Access Manager 9.0 Firmware | 2025-04-20 | N/A |
| IBM Security Access Manager for Web 9.0.0 could allow an authenticated user to access some privileged functionality of the server. IBM X-Force ID: 114714. | ||||
| CVE-2016-3053 | 1 Ibm | 1 Aix | 2025-04-20 | N/A |
| IBM AIX contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. | ||||
| CVE-2016-3067 | 1 Cygwin | 1 Cygwin | 2025-04-20 | N/A |
| Cygwin before 2.5.0 does not properly handle updating permissions when changing users, which allows attackers to gain privileges. | ||||