CVE-2021-31853

DLL Search Order Hijacking Vulnerability in McAfee Drive Encryption MDE prior to 7.3.0 HF2 7.3.0.183 allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder...

PT-2021-19550 · Mcafee · Mcafee Drive Encryption

Name of the Vulnerable Software and Affected Versions: McAfee Drive Encryption MDE versions prior to 7.3.0 HF2 7.3.0.183 Description: The issue allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder. This is due to a DLL Search Order Hijacking...

kernel: buffer overflow in mwifiex_cmd_802_11_ad_hoc_start function in drivers/net/wireless/marvell/mwifiex/join.c via a long SSID value

A flaw was found in the Linux kernel. The marvell wifi driver could allow a local attacker to execute arbitrary code via a long SSID value in mwifiexcmd80211adhocstart function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

Siemens Sentron Powermanager 安全漏洞

Siemens Sentron Powermanager is a power management software from Siemens, a German company. A local code execution vulnerability exists in Siemens Sentron Powermanager, which stems from an affected application assigning incorrect access rights to a specific folder containing configuration files. ...

CVE-2020-28416

HP has identified a security vulnerability with the I.R.I.S. OCR Optical Character Recognition software available with HP PageWide and OfficeJet printer software installations that could potentially allow unauthorized local code execution...

PT-2023-16839 · Otrs Ag +1 · Otrs +2

Name of the Vulnerable Software and Affected Versions: OTRS versions 7.0.X through 7.0.41 OTRS versions 8.0.X through 8.0.30 OTRS Community Edition versions 6.0.1 through 6.0.34 Description: The issue is related to an Improper Input Validation vulnerability in the ACL modules of OTRS AG OTRS and...

PT-2021-19546 · Mcafee · Mcafee Data Loss Prevention Endpoint

Name of the Vulnerable Software and Affected Versions: McAfee Data Loss Prevention DLP Endpoint for Windows versions prior to 11.6.200 Description: A buffer overflow issue allows a local attacker to execute arbitrary code with elevated privileges by placing carefully constructed Ami Pro .sam file...

Apache Struts Security Update (CVE-2012-1592)

Apache Struts is prone to a local code execution vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free softwar...

CVE-2021-34709

Multiple vulnerabilities in image verification checks of Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code ...

CVE-2021-30784

Multiple issues were addressed with improved logic. This issue is fixed in macOS Big Sur 11.5. A local attacker may be able to execute code on the Apple T2 Security Chip...

Vulnerability fixed in Nessus agent

Nessus Agent 8.3.0 and earlier contains multiple local vulnerabilities that would allow an authenticated, local administrator to execute specific executable code on the Nessus Agent host could execute. Tenable has made updates available for Nessus to address the vulnerability. More information ca...

CVE-2021-22775

A CWE-427: Uncontrolled Search Path Element vulnerability exists in GP-Pro EX,V4.09.250 and prior, that could cause local code execution with elevated privileges when installing the software...

CVE-2021-22775

A CWE-427: Uncontrolled Search Path Element vulnerability exists in GP-Pro EX,V4.09.250 and prior, that could cause local code execution with elevated privileges when installing the software...

Path traversal

A CWE-427: Uncontrolled Search Path Element vulnerability exists in GP-Pro EX,V4.09.250 and prior, that could cause local code execution with elevated privileges when installing the software...

CVE-2021-22775

GP-Pro EX, V4.09.250 and earlier, are affected by CWE-427: Uncontrolled Search Path Element. The issue stems from failure to properly filter special elements in the software’s search path, potentially enabling local code execution with elevated privileges during installation. Impact: local code e...

Apple iPadOS 资源管理错误漏洞

Apple iPadOS is a suite of operating systems for the iPad tablet computer from Apple USA. A resource management error vulnerability exists in multiple Apple products, which can be exploited by a local attacker to cause unexpected application termination or arbitrary code execution. The...

PT-2021-7823 · Xmill · Xmill

Name of the Vulnerable Software and Affected Versions: Xmill affected versions not specified Description: The issue is related to a memory boundary error in the HandleFileArg function of the Xmill XML compression tool when processing an XML file. This can be exploited by a local attacker to execu...

CVE-2021-36277

Dell Command | Update, Dell Update, and Alienware Update versions before 4.3 contains an Improper Verification of Cryptographic Signature Vulnerability. A local authenticated malicious user may exploit this vulnerability by executing arbitrary code on the system...

CVE-2021-32579

Acronis True Image prior to 2021 Update 4 for Windows and Acronis True Image prior to 2021 Update 5 for macOS allowed an unauthenticated attacker who has a local code execution ability to tamper with the micro-service API...

CVE-2021-32579

Acronis True Image prior to 2021 Update 4 for Windows and Acronis True Image prior to 2021 Update 5 for macOS allowed an unauthenticated attacker who has a local code execution ability to tamper with the micro-service API...