4291 matches found
CVE-2023-33469
In instances where the screen is visible and remote mouse connection is enabled, KramerAV VIA Connect 2 and VIA Go 2 devices with a version prior to 4.0.1.1326 can be exploited to achieve local code execution at the root level...
PT-2023-24350 · Kramerav · Kramerav Via Connect +1
Name of the Vulnerable Software and Affected Versions: KramerAV VIA Connect 2 versions prior to 4.0.1.1326; KramerAV VIA Go 2 versions prior to 4.0.1.1326. Description: The issue allows for local code execution at the root level when the screen is visible and remote mouse connection is enabled. Thi...
CVE-2023-33469
KramerAV VIA Connect (2) and VIA Go (2) are affected by CVE-2023-33469 when screen is visible and a remote mouse connection is enabled. Versions prior to 4.0.1.1326 allow local code execution at root level due to the default remote-mouse startup behavior. Impact is local, with high privileges ris...
CVE-2023-36344
An issue in Diebold Nixdorf Vynamic View Console v.5.3.1 and before allows a local attacker to execute arbitrary code via not restricting the search path for required DLLs and not verifying the signature...
Diebold Nixdorf Vynamic View Console Code Issue Vulnerability
The Diebold Nixdorf Vynamic View Console is a system from Diebold Nixdorf that allows remote changes to all PC-based devices via Intel Active Management Technology (AMT) BIOS management. A security vulnerability exists in Diebold Nixdorf Vynamic View Console v.5.3.1 and prior versions, which...
CVE-2023-36344
An issue in Diebold Nixdorf Vynamic View Console v.5.3.1 and before allows a local attacker to execute arbitrary code via not restricting the search path for required DLLs and not verifying the signature...
Vulnerabilities fixed in Google Android and Samsung Mobile
Google has fixed vulnerabilities in Android. Also fixed vulnerabilities in closed-source parts of Android that are developed by third parties, such as Qualcomm, Arm and Mediatek. The vulnerabilities potentially enable a malicious party to perform attacks that result in the following categories of...
Exploit for CVE-2023-38820
DLL-Planting-Slack-4.33.73-CVE-2023-38820 DLL Planting in the...
PT-2023-3970 · Unknown · Qvpn Device Client
Name of the Vulnerable Software and Affected Versions: QVPN Device Client versions prior to 2.0.0.1310; QVPN Device Client versions prior to 2.0.0.1316. Description: The issue is related to an insecure library loading vulnerability. If exploited, it could allow local attackers who have gained user...
SUSE CVE-2023-38056
Improper Neutralization of commands allowed to be executed via OTRS System Configuration e.g. SchedulerCronTaskModule using UnitTests modules allows any authenticated attacker with admin privileges local execution of Code. This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35...
Input validation
Improper Neutralization of commands allowed to be executed via OTRS System Configuration e.g. SchedulerCronTaskModule using UnitTests modules allows any authenticated attacker with admin privileges local execution of Code. This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35...
OTRS Operating System Command Injection Vulnerability
OTRS is an application from OTRS Germany. A service management software. A security vulnerability exists in OTRS versions 7.0.X prior to 7.0.45 and 8.0.X prior to 8.0.35, which stems from incorrect neutralization of commands executed via the OTRS system configuration, allowing any authenticated...
CVE-2023-30668
Out-of-bounds Write in BuildOemSecureSimLockResponse of libsec-ril prior to SMR Jul-2023 Release 1 allows local attacker to execute arbitrary code...
CVE-2023-30650
Out of bounds read and write in callrunTspCmd of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code...
CVE-2023-30651
Out of bounds read and write in callgetTspsysfs of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code...
PT-2023-22848 · Unknown · Sysinput Hal Service
Name of the Vulnerable Software and Affected Versions: sysinput HAL service versions prior to SMR Jul-2023 Release 1 Description: The issue is related to an out of bounds read and write in the enableTspDevice function of the sysinput HAL service. This allows local attackers to execute arbitrary...
PT-2023-22864 · Unknown · Libsec-Ril
Name of the Vulnerable Software and Affected Versions: libsec-ril versions prior to SMR Jul-2023 Release 1 Description: The issue is related to an out-of-bounds write in the BuildOemSecureSimLockResponse function of libsec-ril. This allows a local attacker to execute arbitrary code...
SUSE CVE-2023-36377
Buffer Overflow vulnerability in mtrojnar osslsigncode v.2.3 and before allows a local attacker to execute arbitrary code via a crafted .exe, .sys, and .dll files...
SAMSUNG Mobile devices Buffer Error Vulnerability
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung. A buffer error vulnerability exists in Samsung Mobile devices prior to SMR Jul-2023 Release 1, which stems from an out-of-bounds read and write issu...
DEBIAN-CVE-2023-36377
Buffer Overflow vulnerability in mtrojnar osslsigncode v.2.3 and before allows a local attacker to execute arbitrary code via a crafted .exe, .sys, and .dll files...