320 matches found
PT-2024-1556 · Lenovo · Lenovo Tab M8 Hd
Name of the Vulnerable Software and Affected Versions: Lenovo Tab M8 HD affected versions not specified Description: An information disclosure issue was reported, allowing a local application to gather a non-resettable device identifier. This could potentially enable an attacker to disclose...
CVE-2023-29168 PTC Vuforia Studio Insufficiently Protected Credentials
The local Vuforia web application does not support HTTPS, and federated credentials are passed via basic authentication...
CVE-2022-4287
Authentication bypass in local application lock feature in Devolutions Remote Desktop Manager 2022.3.26 and earlier on Windows allows malicious user to access the application...
Updated exempi packages fix security vulnerability
XMP Toolkit SDK versions 2020.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victi...
CVE-2021-43017 Adobe Creative Cloud DLL Hijacking Local Application Denial of Service
Adobe Creative Cloud version 5.5 and earlier are affected by an Application denial of service vulnerability in the Creative Cloud Desktop installer. An authenticated attacker with root privileges could leverage this vulnerability to achieve denial of service by planting a malicious file on the...
CVE-2021-43017 Adobe Creative Cloud DLL Hijacking Local Application Denial of Service
Adobe Creative Cloud version 5.5 and earlier are affected by an Application denial of service vulnerability in the Creative Cloud Desktop installer. An authenticated attacker with root privileges could leverage this vulnerability to achieve denial of service by planting a malicious file on the...
CVE-2021-36054
XMP Toolkit SDK version 2020.1 and earlier is affected by a buffer overflow vulnerability potentially resulting in local application denial of service in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file...
Google Android Media Framework Information Disclosure Vulnerability (CNVD-2021-52345)
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An information disclosure vulnerability exists in the Media Framework component of Google Android versions 8.1, 9, 10, and 11, which can be exploited by an attacker...
CVE-2021-1803
The issue was addressed with improved permissions logic. This issue is fixed in macOS Big Sur 11.0.1. A local application may be able to enumerate the user's iCloud documents...
Huawei P30 Resource Management Error Vulnerability
Huawei P30 is a smartphone from Chinese company Huawei Huawei. The HUAWEI P30 suffers from a resource management error vulnerability that allows a local application to perform a denial of service DoS attack. The vulnerability is caused due to improper resource management within the application wh...
Huawei P30 资源管理错误漏洞
Huawei P30 is a smartphone from Chinese company Huawei Huawei. The HUAWEI P30 suffers from a resource management error vulnerability that allows a local application to perform a denial of service DoS attack. The vulnerability is caused due to improper resource management within the application wh...
Mail.ru: Private file read through file attachment
my.com MyMail application for Android could be tricked by malicious local application selected as a file picker by user to copy the file from application folder to insecure location...
Denial Of Service (DoS)
Python is vulnerable to denail of service DoS. Due to a flaw found in the Python urllib and urllib2 libraries where they would not differentiate between different target URLs when handling automatic redirects, it caused Python applications using these modules to follow any new URL that they...
CVE-2019-2215
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network...
UBUNTU-CVE-2019-2215
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network...
CVE-2019-2215
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network...
CVE-2019-2215
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network...
Google Android Framework SmsDefaultDialog.java file elevation of privilege vulnerability
Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. An elevation of privilege vulnerability exists in the SmsDefaultDialog.onStart file in Android. An attacker can exploit this vulnerability to bypass user interaction requests and gain additional...
CVE-2019-9801
Firefox will accept any registered Program ID as an external protocol handler and offer to launch this local application when given a matching URL on Windows operating systems. This should only happen if the program has specifically registered itself as a "URL Handler" in the Windows registry...
CVE-2018-10647
SaferVPN 4.2.5 for Windows suffers from a SYSTEM privilege escalation vulnerability in its "SaferVPN.Service" service. The "SaferVPN.Service" service executes "openvpn.exe" using OpenVPN config files located within the current user's %LOCALAPPDATA%\SaferVPN\OvpnConfig directory. An authenticated...