CVE-2024-1193

A vulnerability was found in Navicat 12.0.29. It has been rated as problematic. This issue affects some unknown processing of the component MySQL Conecction Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and m...

CVE-2024-1185

CVE-2024-1185 affects Nsasoft NBMonitor Network Bandwidth Monitor 1.6.5.0, specifically the Registration Handler. The issue allows a locally approached denial of service due to a vulnerability in that component. Public exploit information is indicated, and the vendor reportedly did not respond to...

CVE-2024-23746

Miro Desktop 0.8.18 on macOS allows local Electron code injection via a complex series of steps that might be usable in some environments bypass a kTCCServiceSystemPolicyAppBundles requirement via a file copy, an app.app/Contents rename, an asar modification, and a rename back to app.app/Contents...

PT-2024-17299 · Munsoft · Munsoft Easy Archive Recovery

Name of the Vulnerable Software and Affected Versions: Munsoft Easy Archive Recovery version 2.0 Description: A problematic vulnerability was found in the Registration Key Handler component, leading to denial of service. The attack must be approached locally. The exploit has been disclosed to the...

CVE-2024-22430

Dell PowerScale OneFS versions 8.2.x through 9.6.0.x contains an incorrect default permissions vulnerability. A local low privileges malicious user could potentially exploit this vulnerability, leading to denial of service...

kernel: i2c: out-of-bounds write in xgene_slimpro_i2c_xfer()

An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data-block0" variable was not limited to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dmabuffer. This issue could allow a local...

CVE-2024-0771

A vulnerability has been found in Nsasoft Product Key Explorer 4.0.9 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Registration Handler. The manipulation of the argument Name/Key leads to memory corruption. An attack has to be approache...

CVE-2023-48344

In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed...

CVE-2023-32878

In battery, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08307992...

PT-2023-32868 · Kylinsoft · Kylin-System-Updater

Name of the Vulnerable Software and Affected Versions: KylinSoft kylin-system-updater versions up to 2.0.5.16-0k2.33 Description: A critical vulnerability has been found in the KylinSoft kylin-system-updater. The issue is related to the manipulation of the SetDownloadspeedMax argument, which lead...

CVE-2023-7025 KylinSoft hedron-domain-hook DBus init_kcm access control

A vulnerability was found in KylinSoft hedron-domain-hook up to 3.8.0.12-0k0.5. It has been declared as critical. This vulnerability affects the function initkcm of the component DBus Handler. The manipulation leads to improper access controls. Attacking locally is a requirement. The exploit has...

CVE-2023-7025 KylinSoft hedron-domain-hook DBus init_kcm access control

A vulnerability was found in KylinSoft hedron-domain-hook up to 3.8.0.12-0k0.5. It has been declared as critical. This vulnerability affects the function initkcm of the component DBus Handler. The manipulation leads to improper access controls. Attacking locally is a requirement. The exploit has...

PT-2023-32841 · Kylinsoft · Hedron-Domain-Hook

Name of the Vulnerable Software and Affected Versions: KylinSoft hedron-domain-hook versions up to 3.8.0.12-0k0.5 Description: A critical issue affects the init kcm function of the DBus Handler component, leading to improper access controls. The manipulation requires local attacking. The exploit...

CVE-2023-50271

A potential security vulnerability has been identified with HP-UX System Management Homepage SMH. This vulnerability could be exploited locally or remotely to disclose information...

CVE-2023-50271

Technical details about CVE-2023-50271 are not publicly available in the provided connected documents; monitor for updates.

CVE-2023-48415

CVE-2023-48415 concerns an out-of-bounds read in Init of protocolembmsadapter.cpp caused by a missing bounds check. Per multiple connected documents, this can lead to local information disclosure without requiring user interaction. The issue is associated with Android/Google Pixel components (inc...

CVE-2023-48411

In SignalStrengthAdapter::FillGsmSignalStrength of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation...

Vulnerability fixed in IBM AIX

IBM has fixed a vulnerability in AIX. Through an error in the invscout command, a local malicious person can execute arbitrary execute arbitrary commands on the system. IBM has released updates to fix the vulnerability in AIX invscout. For more information, see:...

kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route

There are 3 CVEs for the use-after-free flaw found in net/sched/clsfw.c in classifiers clsfw, clsu32, and clsroute in the Linux Kernel: CVE-2023-4206, CVE-2023-4207, CVE-2023-4208. A local user could use any of these flaws to crash the system or potentially escalate their privileges on the system...

Vulnerability of the diFree function (fs/jfs/jfs_imap.c) in the Linux operating system, allowing a local attacker to execute arbitrary code

The vulnerability of the diFree function fs/jfs/jfsimap.c in the jfs file system of the Linux operating system is related to the use of memory after it is freed during a mount failure. Exploiting this vulnerability allows an attacker acting locally to execute arbitrary code...