CVE-2024-54678

A vulnerability has been identified in SIMATIC PCS neo V4.1 All versions, SIMATIC PCS neo V5.0 All versions, SIMATIC PCS neo V6.0 All versions V6.0 SP1 Update 1, SIMATIC S7-PLCSIM V17 All versions, SIMATIC STEP 7 V17 All versions V17 Update 9, SIMATIC STEP 7 V18 All versions, SIMATIC STEP 7 V19 A...

CVE-2024-54678

CVE-2024-54678 affects a broad set of Siemens industrial products (e.g., SIMATIC PCS neo 4.1–6.0, STEP 7, WinCC, S7-PLCSIM, SIMATIC SIRIUS/SIMOCODE/SCOUT/STArtDrive, TIA Portal Cloud, etc.). The root cause is improper sanitization of Interprocess Communication input via a Windows Named Pipe that ...

PT-2025-32755 · Intel · Intel Graphics Driver

Name of the Vulnerable Software and Affected Versions: IntelR Graphics Driver software affected versions not specified Description: An uncontrolled search path in some IntelR Graphics Driver software may allow an authenticated user to potentially escalate privileges via local access...

CVE-2025-20308

CVE-2025-20308 affects Cisco Spaces Connector. An authenticated, local attacker with spacesadmin privileges can run a crafted CLI command to elevate privileges and execute arbitrary commands on the underlying OS as root. The root cause is insufficient restrictions during the execution of specific...

microcode_ctl: Exposure of sensitive information

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel AtomR processors may allow an authenticated user to potentially enable information disclosure via local access...

microcode_ctl: Exposure of sensitive information

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some IntelR Core™ processors 10th Generation may allow an authenticated user to potentially enable information disclosure via local access...

microcode_ctl: Exposure of sensitive information

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel AtomR processors may allow an authenticated user to potentially enable information disclosure via local access...

microcode_ctl: Exposure of sensitive information

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...

microcode_ctl: Exposure of sensitive information

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel AtomR processors may allow an authenticated user to potentially enable information disclosure via local access...

K000151924: runc vulnerability CVE-2024-45310

Security Advisory Description runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a...

CVE-2025-20278

A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. This vulnerability is due to improper validation of user-supplied...

CVE-2024-20343

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to read any file in the file system of the underlying Linux operating system. The attacker must have valid credentials on the affected device. This vulnerability is due to incorrect validation of the...

CVE-2024-0816

The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50ABVY.4C0 could allow an authenticated local attacker to cause denial of service DoS conditions by executing the CLI command with crafted strings on an affected device...

CVE-2024-30208

A vulnerability has been identified in SIMATIC RTLS Locating Manager 6GT2780-0DA00 All versions V3.0.1.1, SIMATIC RTLS Locating Manager 6GT2780-0DA10 All versions V3.0.1.1, SIMATIC RTLS Locating Manager 6GT2780-0DA20 All versions V3.0.1.1, SIMATIC RTLS Locating Manager 6GT2780-0DA30 All versions...

CVE-2023-35140

The improper privilege management vulnerability in the Zyxel GS1900-24EP switch firmware version V2.70ABTO.5 could allow an authenticated local user with read-only access to modify system settings on a vulnerable device...

CVE-2023-37925

An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50W series firmware versions 4.16 through 5.37, USG20W-VPN series firmware versions 4.16 through 5.37,...

CVE-2023-23580

Stack-based buffer overflow for some IntelR Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially escalation of privilege via local access...

CVE-2023-22305

Integer overflow in some IntelR Aptio V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access...

CVE-2023-32660

Uncontrolled search path in some IntelR NUC Kit NUC6i7KYK ThunderboltTM 3 Firmware Update Tool installation software before version 46 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2023-20063

A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense FTD Software and devices that are running Cisco Firepower Management FMC Software could allow an authenticated, local attacker to execute arbitrary commands with root...