4829 matches found

RedHat Linux
added 2024/11/18 1:37 a.m. · 3 views

xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability

A flaw was found in the X.org server. Due to improperly tracked allocation size in XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org serv...

7.8 CVSS · 6 AI score · 0.00894 EPSS
Exploits 0 · References 4

Positive Technologies
added 2024/11/17 12:0 a.m. · 2 views

PT-2024-8538 · Unknown +3 · Needrestart +3

Name of the Vulnerable Software and Affected Versions: needrestart versions prior to 3.8
Description: The issue is related to needrestart passing unsanitized data to a library, which expects safe input. This could allow a local attacker to execute arbitrary shell commands with root privileges...

7.8 CVSS · 9 AI score · 0.19924 EPSS
Exploits 16 · References 61

NVD
added 2024/11/15 10:15 p.m. · 22 views

CVE-2024-11261

A vulnerability, which was classified as critical, was found in SourceCodester Student Record Management System 1.0. Affected is an unknown function of the file StudentRecordManagementSystem.cpp of the component Number of Students Menu. The manipulation leads to memory corruption. Attacking local...

6.1 CVSS · 0.00255 EPSS
Exploits 1 · References 5

OSV
added 2024/11/15 3:15 p.m. · 6 views

CVE-2024-50986

An issue in Clementine v.1.3.1 allows a local attacker to execute arbitrary code via a crafted DLL file...

7.3 CVSS · 7.2 AI score · 0.00987 EPSS
Exploits 2 · References 3

RedHat Linux
added 2024/11/13 12:34 a.m. · 4 views

kernel: tcp: add sanity checks to rx zerocopy

A vulnerability was found in Linux Kernel where rx zerocopy feature allowed mapping of pages owned by the filesystem, leading to potential system panic which is caused by the lack of sanity checks to rx zerocopy. A local authenticated attacker could exploit this vulnerability to cause a denial of...

5.5 CVSS · 7.3 AI score · 0.0023 EPSS
Exploits 0 · References 5

NVD
added 2024/11/12 5:15 p.m. · 23 views

CVE-2024-9843

A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated attacker to cause a denial of service...

5.5 CVSS · 0.00254 EPSS
Exploits 0 · References 1

NVD
added 2024/11/12 2:15 a.m. · 21 views

CVE-2024-11097

A vulnerability has been found in SourceCodester Student Record Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the component Main Menu. The manipulation leads to infinite loop. Attacking locally is a requirement. The exploit has been disclosed to t...

5.5 CVSS · 0.00275 EPSS
Exploits 1 · References 5

CVE
added 2024/11/12 2:0 a.m. · 53 views

CVE-2024-11097

SourceCodester Student Record Management System 1.0 is affected, specifically the Main Menu component. The issue allows an infinite loop caused by manipulation, with exploitation requiring local access. Public exploits have been disclosed historically across multiple sources, and remediation guid...

5.5 CVSS · 4.3 AI score · 0.00275 EPSS
Exploits 1 · References 5 · Affected Software 1

Vulnrichment
added 2024/11/12 2:0 a.m. · 11 views

CVE-2024-11097 SourceCodester Student Record Management System Main Menu infinite loop

A vulnerability has been found in SourceCodester Student Record Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the component Main Menu. The manipulation leads to infinite loop. Attacking locally is a requirement. The exploit has been disclosed to t...

4.8 CVSS · 7 AI score · 0.00275 EPSS
Exploits 1 · References 5

Positive Technologies
added 2024/11/12 12:0 a.m. · 4 views

PT-2024-16758 · Sourcecodester · Sourcecodester Record Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Student Record Management System version 1.0 SourceCodester versions prior to the latest update
Description: A vulnerability has been found in the SourceCodester Student Record Management System, affecting the Main Menu...

5.5 CVSS · 6.9 AI score · 0.00275 EPSS
Exploits 1 · References 11

Tenable Nessus
added 2024/11/12 12:0 a.m. · 15 views

Fortinet FortiClient - Missing signature verification (FG-IR-24-022) (macOS)

The version of FortiClient installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-022 advisory. - An improper verification of cryptographic signature vulnerability CWE-347 in FortiClient MacOS version 7.4.0, version 7.2...

7.5 CVSS · 5.6 AI score · 0.00133 EPSS
Exploits 0 · References 2

Cvelist
added 2024/11/06 2:17 a.m. · 15 views

CVE-2024-34681

Improper input validation in BluetoothAdapter prior to SMR Nov-2024 Release 1 allows local attackers to cause local permanent denial of service on Galaxy Watch...

6.6 CVSS · 0.00143 EPSS
Exploits 0 · References 1

Zero Day Initiative
added 2024/11/05 12:0 a.m. · 3 views

Linux Kernel Net Scheduler ATM Queuing Discipline Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of traff...

8.8 CVSS · 7.5 AI score
Exploits 0 · References 1

Positive Technologies
added 2024/11/05 12:0 a.m. · 3 views

PT-2024-26102 · Samsung · Galaxy Watch

Name of the Vulnerable Software and Affected Versions: Galaxy Watch versions prior to SMR Nov-2024 Release 1
Description: The issue is related to improper input validation in the BluetoothAdapter, which allows local attackers to cause a local permanent denial of service on the Galaxy Watch...

6.6 CVSS · 6.8 AI score · 0.00143 EPSS
Exploits 0 · References 4

Vulnrichment
added 2024/10/31 2:0 a.m. · 8 views

CVE-2024-10559 SourceCodester Airport Booking Management System Passport Number details buffer overflow

A vulnerability was found in SourceCodester Airport Booking Management System 1.0 and classified as critical. Affected by this issue is the function details of the component Passport Number Handler. The manipulation leads to buffer overflow. The attack needs to be approached locally. The exploit...

5.3 CVSS · 7 AI score · 0.00389 EPSS
Exploits 1 · References 5

CVE
added 2024/10/31 2:0 a.m. · 49 views

CVE-2024-10559

SourceCodester Airport Booking Management System 1.0 contains a buffer overflow in the Details/Passport Number Handler component. The vulnerability is exploitable with local access; the attacker can manipulate passport/name inputs to overflow buffers. The issue has been publicly disclosed and may...

7.8 CVSS · 5.7 AI score · 0.00389 EPSS
Exploits 1 · References 5 · Affected Software 1

Tenable Nessus
added 2024/10/26 12:0 a.m. · 15 views

Fortinet Fortigate Removal of `restore src-vis` command (FG-IR-21-201)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-201 advisory. - A download of code without integrity check vulnerability in the execute restore src-vis command of FortiOS before 7.0.3 may...

7.8 CVSS · 6.9 AI score · 0.00873 EPSS
Exploits 2 · References 2

OSV
added 2024/10/17 11:15 p.m. · 3 views

CVE-2024-10093

A vulnerability, which was classified as critical, was found in VSO ConvertXtoDvd 7.0.0.83. Affected is an unknown function in the library avcodec.dll of the file ConvertXtoDvd.exe. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The exploit has been...

7.8 CVSS · 5.2 AI score · 0.00209 EPSS
Exploits 0 · References 3

NVD
added 2024/10/17 11:15 p.m. · 15 views

CVE-2024-10093

A vulnerability, which was classified as critical, was found in VSO ConvertXtoDvd 7.0.0.83. Affected is an unknown function in the library avcodec.dll of the file ConvertXtoDvd.exe. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The exploit has been...

8.5 CVSS · 0.00209 EPSS
Exploits 0 · References 3

Vulnrichment
added 2024/10/17 10:31 p.m. · 10 views

CVE-2024-10093 VSO ConvertXtoDvd ConvertXtoDvd.exe uncontrolled search path

A vulnerability, which was classified as critical, was found in VSO ConvertXtoDvd 7.0.0.83. Affected is an unknown function in the library avcodec.dll of the file ConvertXtoDvd.exe. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The exploit has been...

8.5 CVSS · 7.6 AI score · 0.00209 EPSS
Exploits 0 · References 3