PYSEC-2019-122

Sqlayamlfixtures 0.9.1 allows local users to execute arbitrary python code via the fixturetext argument in sqlayamlfixtures.load...

CVE-2018-20331

Local attackers can trigger a Kernel Pool Buffer Overflow in Antiy AVL ATool v1.0.0.22. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x80002004 by the...

CVE-2018-6755

Weak Directory Permission Vulnerability in Microsoft Windows client in McAfee True Key TK 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware...

USN-3811-1 spamassassin vulnerabilities

It was discovered that SpamAssassin incorrectly handled certain unclosed tags in emails. A remote attacker could possibly use this issue to cause a denial of service. CVE-2017-15705 It was discovered that SpamAssassin incorrectly handled the PDFInfo plugin. A remote attacker could possibly use th...

zsh: buffer overflow in utils.c:checkmailpath() can lead to local arbitrary code execution

A buffer overflow flaw was found in the zsh shell check path functionality. A local, unprivileged user can create a specially crafted message file, which, if used to set a custom "you have new mail" message, leads to code execution in the context of the user who receives the message. If the user...

Fuji Electric Energy Savings Estimator DLL Load Local Code Execution Vulnerability

Fuji Electric Energy Savings Estimator is an energy saving estimator from Fuji Electric. A local arbitrary code execution vulnerability exists in Fuji Electric Energy Savings Estimator that stems from insufficient validation of user input. Exploitation of this vulnerability could be exploited by ...

CVE-2018-10499

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

CVE-2018-10499

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

CVE-2018-14889

CouchDB in Vectra Networks Cognito Brain and Sensor before 4.3 contains a local code execution vulnerability...

CVE-2018-14889

CouchDB in Vectra Networks Cognito Brain and Sensor before 4.3 contains a local code execution vulnerability...

Intel Data Center Migration Center Software software installer DLL injection vulnerability

Intel Data Center Migration Center Software is a set of data center migration software from Intel Corporation in the U.S. The software installer is its installer. A DLL injection vulnerability exists in the software installer in Intel Data Center Migration Center Software 3.1 and earlier versions...

Speculative Execution Side Channel Variants 4 and 3a - US

Lenovo Security Advisory: LEN-22133 Potential Impact: Malicious code running locally may be able to observe contents of privileged memory or registers, circumventing expected privilege levels Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2018-3639, CVE-2018-3640 Summary...

CVE-2018-3657

Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access...

Multiple Trend Micro Products Privilege Access Control Vulnerabilities

Trend Micro Premium Security and others are cross-platform antivirus products from Trend Micro that feature anti-ransomware, anti-malware email and system optimization. A privilege access control vulnerability exists in the handling of IDAMSPMASTER requests in multiple Trend Micro products, which...

Citrix XenServer Multiple Vulnerabilities (Foreshadow) (CTX236548)

The version of Citrix XenServer running on the remote host is missing a security hotfix. It is, therefore, affected by multiple vulnerabilities including L1 Terminal Fault L1TF and a local code execution vulnerability. C Tenable Network Security, Inc. include"compat.inc"; if description...

Intel Smart Sound Technology Driver Module Elevation of Privilege Vulnerability

Intel Smart Sound Technology is an integrated audio DSP Digital Signal Processor from Intel USA, which is mainly used to process audio, support voice interaction and so on. An elevation of privilege vulnerability exists in the driver module in versions prior to Intel Smart Sound Technology...

CVE-2018-11453

A vulnerability has been identified in SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V10, V11, V12 All versions, SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V13 All versions V13 SP2 Update 2, SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V14 All versions V14 SP1 Update 6, SIMATIC STEP 7 TIA...

Input validation

A vulnerability has been identified in SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V10, V11, V12 All versions, SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V13 All versions V13 SP2 Update 2, SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V14 All versions V14 SP1 Update 6, SIMATIC STEP 7 TIA...

CVE-2018-11453

A vulnerability has been identified in SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V10, V11, V12 All versions, SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V13 All versions V13 SP2 Update 2, SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V14 All versions V14 SP1 Update 6, SIMATIC STEP 7 TIA...

CVE-2018-11453

A vulnerability has been identified in SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V10, V11, V12 All versions, SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V13 All versions V13 SP2 Update 2, SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V14 All versions V14 SP1 Update 6, SIMATIC STEP 7 TIA...