805 matches found
CVE-2024-10404
CalInvocationHandler in Brocade SANnav before 2.3.1b logs sensitive information in clear text. The vulnerability could allow an authenticated, local attacker to view Brocade Fabric OS switch sensitive information in clear text. An attacker with administrative privileges could retrieve sensitive...
SUSE CVE-2024-37020
Sequence of processor instructions leads to unexpected behavior in the IntelR DSA V1.0 for some IntelR XeonR Processors may allow an authenticated user to potentially enable denial of service via local access...
UBUNTU-CVE-2024-39355
Improper handling of physical or environmental conditions in some IntelR Processors may allow an authenticated user to enable denial of service via local access...
PT-2025-6660
Name of the Vulnerable Software and Affected Versions: IntelR Advisor versions prior to 2024.2 Description: The issue concerns an uncontrolled search path in some IntelR Advisor software, which may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2021-35028
A command injection vulnerability in the CGI program of the Zyxel VPN2S firmware version 1.12 could allow an authenticated, local user to execute arbitrary OS commands...
CVE-2024-29119
A vulnerability has been identified in Spectrum Power 7 All versions V24Q3. The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges...
CVE-2024-37999
A vulnerability has been identified in Medicalis Workflow Orchestrator All versions. The affected application executes as a trusted account with high privileges and network access. This could allow an authenticated local attacker to escalate privileges...
Cisco AsyncOS 安全漏洞
Cisco AsyncOS is an operating system for Cisco devices from Cisco USA. A security vulnerability exists in Cisco AsyncOS, which stems from a flaw in the password generation algorithm that allows an authenticated, local attacker to generate temporary passwords and gain root privileges...
QVPN Device Client 代码问题漏洞
QNAP Systems QVPN Device Client is a client software from China Weilian Technology QNAP Systems that is used to manage connections to VPN servers running on QNAP devices. A code issue vulnerability exists in QVPN Device Client that stems from an insecure library loading vulnerability that allows ...
Cisco Unified Computing System Unrestricted Upload of File with Dangerous Type (CVE-2017-12332)
A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations. The vulnerability is due to insufficient restrictions in the patch installation process. An attacker could exploit this vulnerability by installin...
Cisco NX-OS Command Injection (CVE-2017-12339)
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the CLI parser. An attacker could exploit this vulnerability by injecting...
Cisco NX-OS Improper Input Validation (CVE-2017-12338)
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to read the contents of arbitrary files. The vulnerability is due to insufficient input validation for a specific CLI command. An attacker could exploit this vulnerability by issuing a crafted...
Cisco NX-OS Improper Encoding or Escaping of Output (CVE-2017-12340)
A vulnerability in Cisco NX-OS System Software running on Cisco MDS Multilayer Director Switches, Cisco Nexus 7000 Series Switches, and Cisco Nexus 7700 Series Switches could allow an authenticated, local attacker to access the Bash shell of an affected device's operating system, even if the Bash...
CVE-2020-26071
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to create or overwrite arbitrary files on an affected device, which could result in a denial of service DoS condition. The vulnerability is due to insufficient input validation for specific commands. ...
CVE-2023-20093
Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An...
CVE-2023-20039
A vulnerability in Cisco IND could allow an authenticated, local attacker to read application data. This vulnerability is due to insufficient default file permissions that are applied to the application data directory. An attacker could exploit this vulnerability by accessing files in the...
Cisco RoomOS Software和Cisco TelePresence Collaboration Endpoint Software 安全漏洞
Cisco RoomOS Software and Cisco TelePresence Collaboration Endpoint Software are both products of Cisco Corporation.Cisco RoomOS Software is a set of automated management software for Cisco devices. The software is mainly used for upgrading and managing the motherboard firmware of Cisco...
Cisco RoomOS Software和Cisco TelePresence Collaboration Endpoint Software 安全漏洞
Cisco RoomOS Software and Cisco TelePresence Collaboration Endpoint Software are both products of Cisco Corporation.Cisco RoomOS Software is a set of automated management software for Cisco devices. The software is mainly used for upgrading and managing the motherboard firmware of Cisco...
Cisco Industrial Network Director 安全漏洞
Cisco Industrial Network Director IND is an industrial automation management system from the American company Cisco. The system automates the management of industrial Ethernet infrastructure by visualizing its operation. Cisco Industrial Network Director has a security vulnerability that stems fr...
CVE-2024-37027
Improper Input validation in some IntelR VTuneTM Profiler software before version 2024.2.0 may allow an authenticated user to potentially enable denial of service via local access...