UBUNTU-CVE-2023-36377

Buffer Overflow vulnerability in mtrojnar osslsigncode v.2.3 and before allows a local attacker to execute arbitrary code via a crafted .exe, .sys, and .dll files...

CVE-2023-34648

A Cross Site Scripting vulnerability in PHPgurukl User Registration Login and User Management System with admin panel v.1.0 allows a local attacker to execute arbitrary code via a crafted script to the signup.php...

Siemens SIMATIC WinCC 安全漏洞

SIMATIC WinCC is a supervisory control and data acquisition SCADA system. A local code execution vulnerability exists in Siemens SIMATIC WinCC, which can be exploited by an attacker to inject arbitrary code and escalate privileges...

GLSA-202305-30 : X.Org X server, XWayland: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202305-30 X.Org X server, XWayland: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in X.Org X server, XWayland. Please review the CVE identifiers referenced below for details. Tenable has extracted the...

CVE-2023-31806

Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via a crafted payload to the My Progress function...

Phodal CMD 跨站脚本漏洞

Phodal CMD is a drop-in editor for the WeChat media platform by Fengda Huang, an individual developer in China. A security vulnerability exists in Phodal CMD version v.1.0, which stems from the presence of a cross-site scripting vulnerability that allows local attackers to execute arbitrary code...

PT-2023-3168 · Lenovo · Thinkpad Hybrid Usb-C With Usb-A Dock

Name of the Vulnerable Software and Affected Versions: ThinkPad Hybrid USB-C with USB-A Dock affected versions not specified Description: The issue is related to insufficient input validation in the firmware update tool, which could allow an attacker with local access to execute code with elevate...

CVE-2023-21509

Out-of-bounds Write vulnerability while processing BCTUICMDUPDATESCREEN in bctui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code...

CVE-2023-21506

Out-of-bounds Write vulnerability while processing BCTUICMDSENDRESOURCEDATAARRAY command in bctui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code...

CVE-2023-21501

Improper input validation vulnerability in mPOS fiserve trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code...

CVE-2023-21499

Out-of-bounds write vulnerability in TACommunicationmposencryptpin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code...

SAMSUNG Mobile devices 缓冲区错误漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, and more, from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR May-2023 Release 1 prior to version 1, which stems from TACommunicationmposencryptpi...

PT-2023-18264 · Samsung · Samsung Blockchain Keystore

Name of the Vulnerable Software and Affected Versions: Samsung Blockchain Keystore versions prior to 1.3.12.1 Description: The issue is related to an Out-of-bounds Write vulnerability that occurs while processing BC TUI CMD UPDATE SCREEN in the bc tui trustlet. This allows a local attacker to...

PT-2023-18261 · Samsung · Samsung Blockchain Keystore

Name of the Vulnerable Software and Affected Versions: Samsung Blockchain Keystore versions prior to 1.3.12.1 Description: The issue is related to an Out-of-bounds Write vulnerability that occurs while processing the BC TUI CMD SEND RESOURCE DATA ARRAY command in the bc tui trustlet. This allows ...

PT-2023-18263 · Samsung · Samsung Blockchain Keystore

Name of the Vulnerable Software and Affected Versions: Samsung Blockchain Keystore versions prior to 1.3.12.1 Description: The issue is related to an Out-of-bounds Write vulnerability that occurs while processing the BC TUI CMD SEND RESOURCE DATA command in the bc tui trustlet. This vulnerability...

ASB-A-267360595

In TBD of TBD, there is a possible local arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

42Gears Surelock 代码问题漏洞

42Gears Surelock is an industry-leading tool from 42Gears USA that locks devices into kiosk mode. A security vulnerability exists in 42Gears Surelock version 2.40.0 that stems from the presence of elevation of privilege and local code execution issues...

VMware Releases Critical Patches for Workstation and Fusion Software

VMware has released updates to resolve multiple security flaws impacting its Workstation and Fusion software, the most critical of which could allow a local attacker to achieve code execution. The vulnerability, tracked as CVE-2023-20869 CVSS score: 9.3, is described as a stack-based...

CVE-2021-33971

Qihoo 360 https://www.360.cn/ Qihoo 360 Safeguard https://www.360.cn/ Qihoo 360 Total Security http://www.360totalsecurity.com/ is affected by: Buffer Overflow. The impact is: execute arbitrary code local. The component is: This is a set of vulnerabilities affecting popular software, "360...

CVE-2021-33974

Qihoo 360 https://www.360.cn/ Qihoo 360 Safeguard https://www.360.cn/ Qihoo 360 Chrome https://browser.360.cn/ee/ is affected by: Buffer Overflow. The impact is: execute arbitrary code remote. The component is: This is a set of vulnerabilities affecting popular software, and the installation...