AZL-27559 CVE-2022-28737 affecting package shim for versions less than 15.8-1

There's a possible overflow in handleimage when shim tries to load and execute crafted EFI executables; The handleimage function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code...

PT-2023-25886 · Unknown · Infodoc Document On-Line Submission/Approval System

Name of the Vulnerable Software and Affected Versions: InfoDoc Document On-line Submission and Approval System versions 22547, 22567 Description: The issue is related to an Unrestricted Upload of File with Dangerous Type in the file uploading function. This allows an unauthenticated remote attack...

Security Vulnerabilities fixed in Thunderbird 115.0.1 — Mozilla

During the worker lifecycle, a use-after-free condition could have occurred, which could have led to a potentially exploitable crash. Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in...

CVE-2023-3514

Improper Privilege Control in RazerCentralSerivce Named Pipe in Razer RazerCentral =7.11.0.558 on Windows allows a malicious actor with local access to gain SYSTEM privilege via communicating with the named pipe as a low-privilege user and calling "AddModule" or "UninstallModules" command to...

Design/Logic Flaw

Improper Privilege Control in RazerCentralSerivce Named Pipe in Razer RazerCentral =7.11.0.558 on Windows allows a malicious actor with local access to gain SYSTEM privilege via communicating with the named pipe as a low-privilege user and calling "AddModule" or "UninstallModules" command to...

IBM DB2 Elevation of Privilege Vulnerability (CNVD-2023-58521)

IBM DB2 is a relational database management system from International Business Machines IBM. The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. An elevation of privilege vulnerability exists in IBM DB2, which can be exploited by an attacker t...

Privilege escalation

IBM Db2 on Windows 10.5, 11.1, and 11.5 may be vulnerable to a privilege escalation caused by at least one installed service using an unquoted service path. A local attacker could exploit this vulnerability to gain elevated privileges by inserting an executable file in the path of the affected...

IBM DB2 安全漏洞

IBM DB2 is a relational database management system from International Business Machines IBM. The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. An elevation of privilege vulnerability exists in IBM DB2, which can be exploited by an attacker t...

PT-2023-25467 · Avg · Avg Anti-Spyware

Name of the Vulnerable Software and Affected Versions: AVG Anti-Spyware version 7.5 Description: An issue in AVG Anti-Spyware allows an attacker to execute arbitrary code via a crafted script to the guard.exe component. Recommendations: For AVG Anti-Spyware version 7.5, consider updating to a new...

CVE-2023-27558 IBM Db2 privilege escalation

IBM Db2 on Windows 10.5, 11.1, and 11.5 may be vulnerable to a privilege escalation caused by at least one installed service using an unquoted service path. A local attacker could exploit this vulnerability to gain elevated privileges by inserting an executable file in the path of the affected...

Server Side Request Forgery (SSRF)

wp-graphql/wp-graphql is vulnerable to Server Side Request Forgery SSRF. The vulnerability exists due to executable paths in GraphQL queries like createMediaItem, which allows authenticated users to get unauthorized access to servers, thus jeopardizing server security...

DEBIAN-CVE-2023-25523

NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the nvdisasm binary file, where an attacker may cause a NULL pointer dereference by providing a user with a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service...

UBUNTU-CVE-2023-25523

NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the nvdisasm binary file, where an attacker may cause a NULL pointer dereference by providing a user with a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service...

Security Vulnerabilities fixed in Thunderbird 102.13.1 — Mozilla

Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension...

WPGraphQL Plugin vulnerable to Server Side Request Forgery (SSRF)

Impact Users with capabilities to upload media editors and above are succeptible to SSRF Server-Side Request Forgery when executing the createMediaItem Mutation. Authenticated users making GraphQL requests that execute the createMediaItem could pass executable paths in the mutations filePath...

Design/Logic Flaw

The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. The attacker can set LDLIBRARYPATH, set LDPRELOAD, or run an executable file in a debugger...

CVE-2023-29145

The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. The attacker can set LDLIBRARYPATH, set LDPRELOAD, or run an executable file in a debugger...

Malwarebytes 安全漏洞

Malwarebytes is an application that provides anti-malware functionality to devices from the US-based company Malwarebytes. The software is designed to defend against viruses, spyware, Trojans, worms, dial-up programs, and other malware. debug is a small JavaScript debugging utility open-sourced b...

MAL-2023-1096 Malicious code in @okcoin-dev/blade (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 71645eda002c3a56f041a1c91f7072a640455be1d5bed1cc7cf67fd4c1cff44b The OpenSSF Package Analysis project identified '@okcoin-dev/blade' @ 1.11.33 npm as malicious. It is considered malicious because: - The packag...

CVE-2023-28929

Trend Micro Security 2021, 2022, and 2023 Consumer are vulnerable to a DLL Hijacking vulnerability which could allow an attacker to use a specific executable file as an execution and/or persistence mechanism which could execute a malicious program each time the executable file is started...