CVE Daily
← All tags

Tag: Privilege Escalation

All CVEs associated with "Privilege Escalation". Page 59/66 • 7822 CVEs.

Subscribe CVEs: RSS for “Privilege Escalation”  ·  RSS (High+Critical only)

About “Privilege Escalation”

A curated feed of “Privilege Escalation”-related CVEs appears below. We currently track 7822 CVEs for this tag (all time). In the last 365 days, 1227 were published. Average CVSS is 7.7 (all time; 7.9 over 365d), and 84% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-269 - Improper Privilege Management, CWE-266 - Incorrect Privilege Assignment, CWE-862 - Missing Authorization.

In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2017-03-17
High

CVE-2017-0081

The kernel-mode drivers in Microsoft Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0080

The kernel-mode drivers in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnera…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0079

The kernel-mode drivers in Windows 8.1; Windows Server 2012 R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevati…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0078

The kernel-mode drivers in Microsoft Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0056

The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 160…

CVSS: 7.8 CWE: N/A View on NVD
Medium

CVE-2017-0055

Microsoft Internet Information Server (IIS) in Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, a…

CVSS: 6.1 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD
High

CVE-2017-0050

The kernel API in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7; Windows 8; Windows 10 Gold, 1511, and 1607; Windows RT 8.1; Windows Server 2012 Gold and R2; and Windows…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0047

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gol…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0026

The kernel-mode drivers in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnera…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0025

The kernel-mode drivers in Microsoft Windows Vista; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; a…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0024

The kernel-mode drivers in Microsoft Windows 10 1607 and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." This vu…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0005

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gol…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0001

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gol…

CVSS: 7.8 CWE: N/A View on NVD
2017-03-15
High

CVE-2017-3819

A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating system for Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series devices, and Cisco Virtualized Pack…

CVSS: 8.8 CWE: CWE-264 View on NVD
2017-03-14
High

CVE-2016-8009

Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code executi…

CVSS: 7.8 CWE: CWE-264 View on NVD
High

CVE-2016-8008

Privilege escalation vulnerability in Windows 7 and Windows 10 in McAfee Security Scan Plus (SSP) 3.11.376 allows attackers to load a replacement of the version.dll file via McAfee McUICnt.exe onto a…

CVSS: 8.8 CWE: CWE-264 View on NVD
High

CVE-2017-6896

Privilege escalation vulnerability on the DIGISOL DG-HR1400 1.00.02 wireless router enables an attacker to escalate from user privilege to admin privilege just by modifying the Base64-encoded session…

CVSS: 8.8 CWE: CWE-565 - Reliance on Cookies without Validation and Integrity Checking View on NVD
Medium

CVE-2017-6516

A Local Privilege Escalation Vulnerability in MagniComp's Sysinfo before 10-H64 for Linux and UNIX platforms could allow a local attacker to gain elevated privileges. Parts of SysInfo require setuid-…

CVSS: 6.7 CWE: CWE-20 - Improper Input Validation View on NVD
2017-03-12
Critical

CVE-2017-5624

An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T. The attacker can persistently make the (locked) bootloader start the platform with dm-verity disabled, by issuing the 'fastboot…

CVSS: 9.8 CWE: CWE-269 - Improper Privilege Management View on NVD
2017-03-08
High

CVE-2017-0528

An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to to execute code in the context of a privileged process. This issue is rated as H…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0527

An elevation of privilege vulnerability in the HTC Sensor Hub Driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0526

An elevation of privilege vulnerability in the HTC Sensor Hub Driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0525

An elevation of privilege vulnerability in the Qualcomm IPA driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High b…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0524

An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0523

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0522

An elevation of privilege vulnerability in a MediaTek APK could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0521

An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig…

CVSS: 7.0 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
High

CVE-2017-0520

An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated…

CVSS: 7.0 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2017-0519

An elevation of privilege vulnerability in the Qualcomm fingerprint sensor driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0518

An elevation of privilege vulnerability in the Qualcomm fingerprint sensor driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0517

An elevation of privilege vulnerability in the MediaTek hardware sensor driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rat…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0516

An elevation of privilege vulnerability in the Qualcomm input hardware driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rate…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0510

An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critic…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0509

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Crit…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0508

An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Criti…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0507

An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Criti…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0506

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious applic…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0505

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious applic…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0504

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious applic…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0503

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious applic…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0502

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious applic…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0501

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious applic…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0500

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious applic…

CVSS: 7.8 CWE: N/A View on NVD
Medium

CVE-2017-0492

An elevation of privilege vulnerability in the System UI could enable a local malicious application to create a UI overlay covering the entire screen. This issue is rated as Moderate because it is a…

CVSS: 5.5 CWE: CWE-1021 - Improper Restriction of Rendered UI Layers or Frames View on NVD
Medium

CVE-2017-0491

An elevation of privilege vulnerability in Package Manager could enable a local malicious application to prevent users from uninstalling applications or removing permissions from applications. This i…

CVSS: 5.5 CWE: N/A View on NVD
Medium

CVE-2017-0490

An elevation of privilege vulnerability in Wi-Fi could enable a local malicious application to delete user data. This issue is rated as Moderate because it is a local bypass of user interaction requi…

CVSS: 5.5 CWE: N/A View on NVD
Medium

CVE-2017-0489

An elevation of privilege vulnerability in Location Manager could enable a local malicious application to bypass operating system protections for location data. This issue is rated as Moderate becaus…

CVSS: 5.5 CWE: N/A View on NVD
High

CVE-2017-0481

An elevation of privilege vulnerability in NFC could enable a proximate attacker to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be…

CVSS: 7.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2017-0480

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High bec…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0479

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High bec…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0475

An elevation of privilege vulnerability in the recovery verifier could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical…

CVSS: 7.8 CWE: CWE-20 - Improper Input Validation View on NVD
High

CVE-2017-0464

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0463

An elevation of privilege vulnerability in the Qualcomm networking driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as…

CVSS: 7.0 CWE: CWE-20 - Improper Input Validation View on NVD
High

CVE-2017-0460

An elevation of privilege vulnerability in the Qualcomm networking driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0458

An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig…

CVSS: 7.0 CWE: CWE-20 - Improper Input Validation View on NVD
High

CVE-2017-0457

An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hi…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0456

An elevation of privilege vulnerability in the Qualcomm IPA driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High b…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0453

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2017-0338

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0337

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0335

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0333

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0307

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical…

CVSS: 7.8 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
High

CVE-2017-0306

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical…

CVSS: 7.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2016-8479

An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critic…

CVSS: 7.8 CWE: CWE-264 View on NVD
High

CVE-2016-8417

An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Mod…

CVSS: 7.0 CWE: CWE-264 View on NVD
2017-02-21
High

CVE-2016-9315

Privilege Escalation Vulnerability in com.trend.iwss.gui.servlet.updateaccountadministration in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earli…

CVSS: 8.8 CWE: CWE-264 View on NVD
2017-02-15
High

CVE-2017-3801

A vulnerability in the web-based GUI of Cisco UCS Director 6.0.0.0 and 6.0.0.1 could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile, a Privil…

CVSS: 8.8 CWE: CWE-264 View on NVD
High

CVE-2016-8972

IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root privileges using a specially crafted command within the bellmail client. IBM APARs: IV91006, IV91007, IV91008, IV91010, IV91011.

CVSS: 7.8 CWE: CWE-264 View on NVD
High

CVE-2016-10089

Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.

CVSS: 7.8 CWE: CWE-264 View on NVD
2017-02-13
High

CVE-2016-8346

An issue was discovered in Moxa EDR-810 Industrial Secure Router. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access configuration and log fi…

CVSS: 7.5 CWE: CWE-532 - Insertion of Sensitive Information into Log File View on NVD
2017-02-08
High

CVE-2017-0450

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Moderate…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0449

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Mode…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0447

An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0446

An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0445

An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0444

An elevation of privilege vulnerability in the Realtek sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0443

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0442

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2017-0441

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2017-0440

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2017-0439

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2017-0438

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2017-0437

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2017-0436

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0435

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0434

An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the touchscreen chipset. This is…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0433

An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the touchscreen chipset. This is…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0432

An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High becau…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0430

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Crit…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0429

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2017-0428

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical…

CVSS: 7.8 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2017-0427

An elevation of privilege vulnerability in the kernel file system could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critica…

CVSS: 7.8 CWE: N/A View on NVD
Medium

CVE-2017-0423

An elevation of privilege vulnerability in Bluetooth could enable a proximate attacker to manage access to documents on the device. This issue is rated as Moderate because it first requires exploitat…

CVSS: 5.3 CWE: CWE-732 - Incorrect Permission Assignment for Critical Resource View on NVD
High

CVE-2017-0419

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High bec…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0418

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High bec…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2017-0417

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High bec…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2017-0416

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High bec…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2017-0415

An elevation of privilege vulnerability in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High bec…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2017-0412

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as H…

CVSS: 7.8 CWE: CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition View on NVD
High

CVE-2017-0411

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as H…

CVSS: 7.8 CWE: CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition View on NVD
High

CVE-2017-0410

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as H…

CVSS: 7.8 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
High

CVE-2016-8481

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0 CWE: CWE-264 View on NVD
High

CVE-2016-8480

An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the…

CVSS: 7.0 CWE: CWE-264 View on NVD
High

CVE-2016-8476

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0 CWE: CWE-264 View on NVD
High

CVE-2016-8421

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0 CWE: CWE-264 View on NVD
High

CVE-2016-8420

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0 CWE: CWE-264 View on NVD
High

CVE-2016-8419

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0 CWE: CWE-264 View on NVD
2017-02-03
High

CVE-2016-9871

EMC Isilon OneFS 7.2.1.0 - 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x is affected by a privilege escalation vulnerability that could potentially…

CVSS: 7.2 CWE: CWE-264 View on NVD
2017-02-02
High

CVE-2017-1093

IBM AIX 6.1, 7.1, and 7.2 could allow a local user to exploit a vulnerability in the bellmail binary to gain root privileges.

CVSS: 7.8 CWE: N/A View on NVD
2017-01-27
High

CVE-2016-9795

The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA Unive…

CVSS: 7.8 CWE: CWE-20 - Improper Input Validation View on NVD
2017-01-26
High

CVE-2016-8227

Privilege escalation vulnerability in Lenovo Transition application used in Lenovo Yoga, Flex and Miix systems running Windows allows local users to execute code with elevated privileges.

CVSS: 7.8 CWE: CWE-284 - Improper Access Control View on NVD
2017-01-18
High

CVE-2014-9910

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0 CWE: CWE-264 View on NVD
High

CVE-2014-9909

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…

CVSS: 7.0 CWE: CWE-264 View on NVD
2017-01-13
Medium

CVE-2016-8467

An elevation of privilege vulnerability in the bootloader could enable a local attacker to execute arbitrary modem commands on the device. This issue is rated as High because it is a local permanent…

CVSS: 5.5 CWE: CWE-264 View on NVD
2017-01-12
High

CVE-2016-8221

Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by a…

CVSS: 7.0 CWE: CWE-264 View on NVD
High

CVE-2017-0404

An elevation of privilege vulnerability in the kernel sound subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Hig…

CVSS: 7.0 CWE: N/A View on NVD
High

CVE-2017-0403

An elevation of privilege vulnerability in the kernel performance subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated…

CVSS: 7.0 CWE: N/A View on NVD
Medium

CVE-2017-0395

An elevation of privilege vulnerability in Contacts could enable a local malicious application to silently create contact information. This issue is rated as Moderate because it is a local bypass of…

CVSS: 5.5 CWE: N/A View on NVD
Medium

CVE-2017-0388

An elevation of privilege vulnerability in the External Storage Provider could enable a local secondary user to read data from an external storage SD card inserted by the primary user. This issue is…

CVSS: 5.5 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD