4292 matches found
DEBIAN-CVE-2024-27629
An issue in dc2niix before v.1.0.20240202 allows a local attacker to execute arbitrary code because the generated file name is not properly escaped and is injected into a system call when certain types of compression are used...
UBUNTU-CVE-2024-27629
An issue in dc2niix before v.1.0.20240202 allows a local attacker to execute arbitrary code because the generated file name is not properly escaped and is injected into a system call when certain types of compression are used...
git: additional local RCE
A flaw was found in Git in a full copy of a Git repository. A prerequisite for this vulnerability is for an unauthenticated attacker to place a specialized repository on their target's local system. If the victim were to clone this repository, it could result in arbitrary code execution...
SUSE CVE-2024-6287
Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image, the code neglects to consider a few cases, which could allow an attacker to bypass the memory range restriction and overwrite ...
DEBIAN-CVE-2024-6287
Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image, the code neglects to consider a few cases, which could allow an attacker to bypass the memory range restriction and overwrite ...
UBUNTU-CVE-2024-6287
Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image, the code neglects to consider a few cases, which could allow an attacker to bypass the memory range restriction and overwrite ...
Linaro Trusted Firmware-A Security Vulnerability
Linaro Trusted Firmware-A is an open source trusted firmware from Linaro. A security vulnerability exists in Linaro Trusted Firmware-A, which stems from a miscalculation issue that allows local code execution...
CVE-2024-32858
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution...
Dell Common Event Enabler Deserialization Vulnerability
The Dell Common Event Enabler is used to provide a working environment for the Common Antivirus Agent (CAVA) and Common Event Publishing Agent (CEPA) programs. A deserialization vulnerability exists in Dell Common Event Enabler. A local attacker could exploit this vulnerability to cause arbitrary cod...
PT-2024-24916 · Dell · Dell Client Platform BIOS
Name of the Vulnerable Software and Affected Versions: Dell Client Platform BIOS (affected versions not specified). Description: The issue is related to an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially...
PT-2024-22647 · Dell · Dell Common Event Enabler
Name of the Vulnerable Software and Affected Versions: Dell Common Event Enabler versions 8.9.10.0 and prior. Description: The issue is related to an insecure deserialization vulnerability in CAVATools. A local unauthenticated attacker could potentially exploit this, leading to arbitrary code...
SUSE CVE-2024-23793
The file upload feature in OTRS and OTRS Community Edition has a path traversal vulnerability. This issue permits authenticated agents or customer users to upload potentially harmful files to directories accessible by the web server, potentially leading to the execution of local code like Perl...
CVE-2024-23793
The file upload feature in OTRS and OTRS Community Edition has a path traversal vulnerability. This issue permits authenticated agents or customer users to upload potentially harmful files to directories accessible by the web server, potentially leading to the execution of local code like Perl...
CVE-2024-23793 Upload of files outside application directory
The file upload feature in OTRS and OTRS Community Edition has a path traversal vulnerability. This issue permits authenticated agents or customer users to upload potentially harmful files to directories accessible by the web server, potentially leading to the execution of local code like Perl...
CVE-2024-23793
The CVE-2024-23793 issue is a path traversal vulnerability in the file upload feature of OTRS and ((OTRS)) Community Edition. An authenticated agent or customer user can upload files to directories accessible by the web server, which could enable local code execution (e.g., Perl scripts). Affecte...
CVE-2024-20877
Heap out-of-bound write vulnerability in parsing grid image header in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to execute arbitrary code...
Vulnerability of the search_by_entry_key function (fs/reiserfs/namei.c) in the Linux operating system, allowing a local attacker to execute arbitrary code
The vulnerability of the search_by_entry_key function in the reiserfs file system of the Linux operating system is related to insufficient data validation during searches after mounting a faulty file system. This can lead to access to arbitrary memory. Exploiting this vulnerability allows an attacke...
PT-2024-23218 · Amazon · Amazon AWS Client VPN
Name of the Vulnerable Software and Affected Versions: Amazon AWS Client VPN versions prior to 3.11.1 on Windows; Amazon AWS Client VPN versions prior to 3.9.1 on macOS; Amazon AWS Client VPN versions prior to 3.12.1 on Linux. Description: A buffer overflow issue exists that could allow a local acto...
Fedora 38 : python-tqdm (2024-24e4bba70f)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-24e4bba70f advisory. Address CVE-2024-34062 local code execution. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...