Vulnerabilities (CVE)

Filtered by CWE-269
Total 2348 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-1520 3 Fedoraproject, Microsoft, Mozilla 4 Fedora, Windows, Firefox and 1 more 2024-11-21 6.9 MEDIUM N/A
maintenservice_installer.exe in the Maintenance Service Installer in Mozilla Firefox before 29.0 and Firefox ESR 24.x before 24.5 on Windows allows local users to gain privileges by placing a Trojan horse DLL file into a temporary directory at an unspecified point in the update process.
CVE-2014-1511 6 Canonical, Debian, Mozilla and 3 more 17 Ubuntu Linux, Debian Linux, Firefox and 14 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.
CVE-2014-1510 6 Canonical, Debian, Mozilla and 3 more 17 Ubuntu Linux, Debian Linux, Firefox and 14 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call.
CVE-2014-1496 2 Mozilla, Suse 7 Firefox, Firefox Esr, Seamonkey and 4 more 2024-11-21 1.9 LOW 5.5 MEDIUM
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update.
CVE-2014-0204 1 Openstack 1 Keystone 2024-11-21 6.5 MEDIUM N/A
OpenStack Identity (Keystone) before 2014.1.1 does not properly handle when a role is assigned to a group that has the same ID as a user, which allows remote authenticated users to gain privileges that are assigned to a group with the same ID.
CVE-2014-0185 1 Php 1 Php 2024-11-21 7.2 HIGH N/A
sapi/fpm/fpm/fpm_unix.c in the FastCGI Process Manager (FPM) in PHP before 5.4.28 and 5.5.x before 5.5.12 uses 0666 permissions for the UNIX socket, which allows local users to gain privileges via a crafted FastCGI client.
CVE-2013-7421 4 Canonical, Debian, Linux and 1 more 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more 2024-11-21 2.1 LOW N/A
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644.
CVE-2013-6391 3 Canonical, Openstack, Redhat 3 Ubuntu Linux, Keystone, Openstack 2024-11-21 5.8 MEDIUM N/A
The ec2tokens API in OpenStack Identity (Keystone) before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-scoped token when one is received, which allows remote trust users to gain privileges by generating EC2 credentials from a trust-scoped token and using them in an ec2tokens API request.
CVE-2013-0643 7 Adobe, Apple, Linux and 4 more 11 Flash Player, Mac Os X, Linux Kernel and 8 more 2024-11-21 9.3 HIGH 8.8 HIGH
The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.
CVE-2012-5376 1 Google 1 Chrome 2024-11-21 9.3 HIGH 9.6 CRITICAL
The Inter-process Communication (IPC) implementation in Google Chrome before 22.0.1229.94 allows remote attackers to bypass intended sandbox restrictions and write to arbitrary files by leveraging access to a renderer process, a different vulnerability than CVE-2012-5112.
CVE-2012-3993 1 Mozilla 4 Firefox, Seamonkey, Thunderbird and 1 more 2024-11-21 9.3 HIGH N/A
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not properly interact with failures of InstallTrigger methods, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site, related to an "XrayWrapper pollution" issue.
CVE-2012-0384 1 Cisco 2 Ios, Ios Xe 2024-11-21 8.5 HIGH 7.2 HIGH
Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS before 3.1.2S, 3.2.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.1.xSG and 3.2.xSG before 3.2.2SG, when AAA authorization is enabled, allow remote authenticated users to bypass intended access restrictions and execute commands via a (1) HTTP or (2) HTTPS session, aka Bug ID CSCtr91106.
CVE-2011-3898 1 Google 1 Chrome 2024-11-21 7.5 HIGH N/A
Google Chrome before 15.0.874.120, when Java Runtime Environment (JRE) 7 is used, does not request user confirmation before applet execution begins, which allows remote attackers to have an unspecified impact via a crafted applet.
CVE-2011-3054 2 Google, Opensuse 2 Chrome, Opensuse 2024-11-21 4.3 MEDIUM N/A
The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors.
CVE-2011-1526 5 Debian, Fedoraproject, Mit and 2 more 7 Debian Linux, Fedora, Krb5-appl and 4 more 2024-11-21 6.5 MEDIUM N/A
ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a configure script.
CVE-2010-4347 3 Linux, Opensuse, Suse 3 Linux Kernel, Opensuse, Linux Enterprise Real Time Extension 2024-11-21 6.9 MEDIUM N/A
The ACPI subsystem in the Linux kernel before 2.6.36.2 uses 0222 permissions for the debugfs custom_method file, which allows local users to gain privileges by placing a custom ACPI method in the ACPI interpreter tables, related to the acpi_debugfs_init function in drivers/acpi/debugfs.c.
CVE-2010-4258 4 Fedoraproject, Linux, Opensuse and 1 more 7 Fedora, Linux Kernel, Opensuse and 4 more 2024-11-21 6.2 MEDIUM N/A
The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain privileges by leveraging a (1) BUG, (2) NULL pointer dereference, or (3) page fault, as demonstrated by vectors involving the clear_child_tid feature and the splice system call.
CVE-2010-3301 3 Canonical, Linux, Suse 3 Ubuntu Linux, Linux Kernel, Linux Enterprise Real Time Extension 2024-11-21 7.2 HIGH N/A
The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users to gain privileges by triggering an out-of-bounds access to the system call table using the %rax register. NOTE: this vulnerability exists because of a CVE-2007-4573 regression.
CVE-2009-2848 8 Canonical, Fedoraproject, Linux and 5 more 13 Ubuntu Linux, Fedora, Linux Kernel and 10 more 2024-11-21 5.9 MEDIUM N/A
The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.
CVE-2009-0080 1 Microsoft 2 Windows Server 2008, Windows Vista 2024-11-21 6.9 MEDIUM N/A
The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging incorrect thread ACLs to access the resources of one of the processes, aka "Windows Thread Pool ACL Weakness Vulnerability."