CVE-2024-8011

Logitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within Options+ runtime and abuse permissions granted by the user to Options+ such as Camera...

CVE-2024-8011

Logitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within Options+ runtime and abuse permissions granted by the user to Options+ such as Camera...

CVE-2024-8011

Logitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within Options+ runtime and abuse permissions granted by the user to Options+ such as Camera...

CVE-2024-8011

Logitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within Options+ runtime and abuse permissions granted by the user to Options+ such as Camera...

CVE-2024-8011

CVE-2024-8011 affects Logitech Options+ on macOS prior to 1.72. The issue allows a local attacker to inject a dynamic library into the Options+ runtime and abuse user-granted permissions (e.g., Camera). Root cause is the ability to load/execute injected code within the Options+ process while main...

PT-2024-38751 · Logitech · Logitech Options

Name of the Vulnerable Software and Affected Versions: Logitech Options+ versions prior to 1.72 Description: The issue allows a local attacker to inject a dynamic library within the Logitech Options+ runtime and abuse permissions granted by the user, such as access to the Camera. This can lead to...

CVE-2023-31348

A DLL hijacking vulnerability in AMD μProf could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

PT-2024-29000 · Changing Information Technology · Tcbservisign

Name of the Vulnerable Software and Affected Versions: TCBServiSign Windows Version from CHANGING Information Technology affected versions not specified Description: The issue concerns improper validation of server-side input in a specific API. This allows unauthenticated remote attackers to caus...

CVE-2024-31203

A “CWE-121: Stack-based Buffer Overflow” in the wd210std.dll dynamic library packaged with the ThermoscanIP installer allows a local attacker to possibly trigger a Denial-of-Service DoS condition on the target component...

CVE-2024-31203

CVE-2024-31203 describes a CWE-121 stack-based buffer overflow in the wd210std.dll library packaged with ThermoscanIP installer. The vulnerability allows a local attacker to trigger a Denial-of-Service condition on the target component. The available sources consistently identify the affected com...

PT-2024-23847 · Unknown · Thermoscanip

Name of the Vulnerable Software and Affected Versions: ThermoscanIP affected versions not specified Description: A stack-based buffer overflow issue in the wd210std.dll dynamic library allows a local attacker to possibly trigger a Denial-of-Service DoS condition on the target component. This issu...

CVE-2024-41139

Incorrect privilege assignment vulnerability exists in SKYSEA Client View Ver.6.010.06 to Ver.19.210.04e. If a user who can log in to the PC where the product's Windows client is installed places a specially crafted DLL file in a specific folder, arbitrary code may be executed with SYSTEM privile...

Mp3tag 代码问题漏洞

Mp3tag is a metadata tag editor from Mp3tag, Inc. A code issue vulnerability exists in Mp3tag 3.26d and prior versions, which stems from unknown code in the component DLL Handler that can lead to uncontrolled search paths...

PT-2024-7521 · Autodesk · Autodesk Autocad

Name of the Vulnerable Software and Affected Versions: Autodesk AutoCAD affected versions not specified Description: A maliciously crafted SLDPRT file can cause a Heap Based Buffer Overflow when parsed in odxsw dll.dll through Autodesk AutoCAD. This issue can be leveraged by a malicious actor to...

ghostscript: OPVP device arbitrary code execution via custom Driver library

A flaw was found in Ghostscript. The "Driver" parameter for the "opvp"/"oprp" device specifies the name of a dynamic library and allows any library to be loaded. This flaw allows a malicious user to send a specially crafted document that, when processed by Ghostscript, could potentially lead to...

ghostscript: OPVP device arbitrary code execution via custom Driver library

A flaw was found in Ghostscript. The "Driver" parameter for the "opvp"/"oprp" device specifies the name of a dynamic library and allows any library to be loaded. This flaw allows a malicious user to send a specially crafted document that, when processed by Ghostscript, could potentially lead to...

ghostscript: OPVP device arbitrary code execution via custom Driver library

A flaw was found in Ghostscript. The "Driver" parameter for the "opvp"/"oprp" device specifies the name of a dynamic library and allows any library to be loaded. This flaw allows a malicious user to send a specially crafted document that, when processed by Ghostscript, could potentially lead to...

ghostscript: OPVP device arbitrary code execution via custom Driver library

A flaw was found in Ghostscript. The "Driver" parameter for the "opvp"/"oprp" device specifies the name of a dynamic library and allows any library to be loaded. This flaw allows a malicious user to send a specially crafted document that, when processed by Ghostscript, could potentially lead to...

ghostscript: OPVP device arbitrary code execution via custom Driver library

A flaw was found in Ghostscript. The "Driver" parameter for the "opvp"/"oprp" device specifies the name of a dynamic library and allows any library to be loaded. This flaw allows a malicious user to send a specially crafted document that, when processed by Ghostscript, could potentially lead to...

ghostscript: OPVP device arbitrary code execution via custom Driver library

A flaw was found in Ghostscript. The "Driver" parameter for the "opvp"/"oprp" device specifies the name of a dynamic library and allows any library to be loaded. This flaw allows a malicious user to send a specially crafted document that, when processed by Ghostscript, could potentially lead to...