CVE-2024-55955

An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged...

CVE-2024-55631

CVE-2024-55631 affects Trend Micro Apex One stack (Engine Link following vulnerability). The issue allows a local attacker who can execute low-privileged code to escalate privileges on affected installations, potentially to SYSTEM, per multiple advisories. Exploitation reportedly does not require...

CVE-2024-12754 AnyDesk Link Following Information Disclosure Vulnerability

AnyDesk Link Following Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

Amazon Linux 2 : flatpak (ALAS-2024-2712)

The version of flatpak installed on the remote host is prior to 1.0.9-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2712 advisory. A sandbox escape vulnerability was found in Flatpak due to a symlink-following issue when mounting persistent directories. This fl...

CVE-2024-12831 Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability

Arista NG Firewall uvmlogin Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Arista NG Firewall. An attacker must first obtain the ability to execute low-privileged code on the target system i...

CVE-2024-12786

A vulnerability, which was classified as critical, was found in X1a0He Adobe Downloader up to 1.3.1 on macOS. Affected is the function shouldAcceptNewConnection of the file com.x1a0he.macOS.Adobe-Downloader.helper of the component XPC Service. The manipulation leads to improper privilege...

CVE-2024-12786 X1a0He Adobe Downloader XPC Service com.x1a0he.macOS.Adobe-Downloader.helper shouldAcceptNewConnection privileges management

A vulnerability, which was classified as critical, was found in X1a0He Adobe Downloader up to 1.3.1 on macOS. Affected is the function shouldAcceptNewConnection of the file com.x1a0he.macOS.Adobe-Downloader.helper of the component XPC Service. The manipulation leads to improper privilege...

PT-2024-17736 · Unknown · X1A0He Adobe Downloader

Name of the Vulnerable Software and Affected Versions: X1a0He Adobe Downloader version 1.3.1 and earlier Description: A critical vulnerability was found in the X1a0He Adobe Downloader, affecting the shouldAcceptNewConnection function of the com.x1a0he.macOS.Adobe-Downloader.helper file in the XPC...

CVE-2024-12662

CVE-2024-12662 affects IObit Advanced SystemCare Ultimate up to 17.0.0. The flaw is in the IOCTL Handler’s AscRegistryFilter.sys function 0x8001E040, which leads to a null pointer dereference when invoked locally. Exploitation status in the sources indicates the vulnerability has been disclosed p...

CVE-2024-12662 IObit Advanced SystemCare Utimate IOCTL AscRegistryFilter.sys 0x8001E040 null pointer dereference

A vulnerability classified as problematic has been found in IObit Advanced SystemCare Utimate up to 17.0.0. This affects the function 0x8001E040 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. An attack has to be approached...

CVE-2024-12660

A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0. It has been declared as problematic. Affected by this vulnerability is the function 0x8001E018 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. It i...

CVE-2024-12660

A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0. It has been declared as problematic. Affected by this vulnerability is the function 0x8001E018 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. It i...

CVE-2024-12660 IObit Advanced SystemCare Utimate IOCTL AscRegistryFilter.sys 0x8001E018 null pointer dereference

A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0. It has been declared as problematic. Affected by this vulnerability is the function 0x8001E018 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. It i...

CVE-2024-12659

CVE-2024-12659 affects IObit Advanced SystemCare Ultimate up to 17.0.0. The root cause is a null pointer dereference in function 0x8001E004 within AscRegistryFilter.sys IOCTL Handler. Exploitation requires local access; the vulnerability has been disclosed publicly. Availability impact is indicat...

CVE-2024-12656

A vulnerability, which was classified as problematic, was found in FabulaTech USB over Network 6.0.6.1. This affects the function 0x220448 in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The...

CVE-2024-12657

A vulnerability has been found in IObit Advanced SystemCare Utimate up to 17.0.0 and classified as problematic. This vulnerability affects the function 0x8001E000 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. An attack has...

CVE-2024-12656

FabulaTech USB over Network 6.0.6.1 is affected by a vulnerability in the ftusbbus2.sys IOCT Handler function 0x220448 that causes a null pointer dereference. The issue is local to exploit the system, with publicly disclosed exploit details. Affected component: ftusbbus2.sys (function 0x220448) i...

CVE-2024-12655

FabulaTech USB over Network version 6.0.6.1 is affected by a vulnerability in the IOCT Handler’s ftusbbus2.sys library, specifically function 0x220420. The issue causes a null pointer dereference and can be exploited locally on the host. Exploit details have been disclosed publicly. Remediation n...

CVE-2024-12654

A vulnerability classified as problematic was found in FabulaTech USB over Network 6.0.6.1. Affected by this vulnerability is the function 0x220408 in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference. Attacking locally is a requirement. T...

PT-2024-17694 · Fabulatech · Fabulatech Usb Over Network

Name of the Vulnerable Software and Affected Versions: FabulaTech USB over Network version 6.0.6.1 Description: A problematic vulnerability was found in the function 0x220408 of the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference, requiring ...