SUSE CVE-2024-21803

Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM bluetooth modules allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This issue affects Linux kernel: fr...

CVE-2024-21803

NVD describes an after-free vulnerability found in the Linux kernel in the Linux x86 ARM Bluetooth module that allows local code execution. This vulnerability is associated with the program file, https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This issue affects...

AZL-34875 CVE-2024-21803 affecting package kernel for versions less than 6.6.35.1-4

Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM bluetooth modules allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This issue affects Linux kernel: fr...

DEBIAN-CVE-2024-21803

Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM bluetooth modules allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This issue affects Linux kernel: fr...

AZL-34203 CVE-2024-21803 affecting package kernel for versions less than 5.15.158.1-1

Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM bluetooth modules allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This issue affects Linux kernel: fr...

UBUNTU-CVE-2024-21803

Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM bluetooth modules allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This issue affects Linux kernel: fr...

PT-2024-6708 · Synology · Synology Drive Client

Name of the Vulnerable Software and Affected Versions: Synology Drive Client versions prior to 3.3.0-15082 Description: The issue is related to the inclusion of functionality from an untrusted control sphere in the OpenSSL DLL component. This allows local users to execute arbitrary code via...

PT-2024-19620 · Bosscms · Bosscms

Name of the Vulnerable Software and Affected Versions: BossCMS version 1.3.0 Description: The issue allows a local attacker to execute arbitrary code and escalate privileges. This is achieved via the init function in the admin.class.php component. Recommendations: For BossCMS version 1.3.0,...

CVE-2023-51833

A command injection issue in TRENDnet TEW-411BRPplus v.2.07eu that allows a local attacker to execute arbitrary code via the data1 parameter in the debug.cgi page...

CVE-2024-0645

Buffer overflow vulnerability in Explorer++ affecting version 1.3.5.531. A local attacker could execute arbitrary code via a long filename argument by monitoring Structured Exception Handler SEH records...

PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions

The point-of-sale PoS terminals from PAX Technology are impacted by a collection of high-severity vulnerabilities that can be weaponized by threat actors to execute arbitrary code. The STM Cyber R&D team, which reverse engineered the Android-based devices manufactured by the Chinese firm owing to...

CVE-2024-22428

Dell iDRAC Service Module, versions 5.2.0.0 and prior, contain an Incorrect Default Permissions vulnerability. It may allow a local unprivileged user to escalate privileges and execute arbitrary code on the affected system. Dell recommends customers upgrade at the earliest opportunity...

SUSE CVE-2023-51257

An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code...

AZL-34807 CVE-2023-51257 affecting package jasper for versions less than 4.2.1-1

An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code...

CVE-2023-7206

In Horner Automation Cscape versions 9.90 SP10 and prior, local attackers are able to exploit this vulnerability if a user opens a malicious CSP file, which would result in execution of arbitrary code on affected installations of Cscape...

CVE-2023-42134

PAX Android based POS devices with PayDroid8.1.0SagittariusV11.1.4520230314 or earlier can allow the signed partition overwrite and subsequently local code execution via hidden command. The attacker must have physical USB access to the device in order to exploit this vulnerability...

CVE-2023-42135

PAX A920Pro/A50 devices with PayDroid8.1.0SagittariusV11.1.5020230614 or earlier can allow local code execution via parameter injection by bypassing the input validation when flashing a specific partition. The attacker must have physical USB access to the device in order to exploit this...

CVE-2023-42134

PAX Android based POS devices with PayDroid8.1.0SagittariusV11.1.4520230314 or earlier can allow the signed partition overwrite and subsequently local code execution via hidden command. The attacker must have physical USB access to the device in order to exploit this vulnerability...

CVE-2023-42135

PAX A920Pro/A50 devices with PayDroid8.1.0SagittariusV11.1.5020230614 or earlier can allow local code execution via parameter injection by bypassing the input validation when flashing a specific partition. The attacker must have physical USB access to the device in order to exploit this...

CVE-2023-42135

PAX A920Pro/A50 devices with PayDroid8.1.0SagittariusV11.1.5020230614 or earlier can allow local code execution via parameter injection by bypassing the input validation when flashing a specific partition. The attacker must have physical USB access to the device in order to exploit this...