CVE-2024-10068

CVE-2024-10068 affects OpenSight Software FlashFXP 5.4.0.3970. The vulnerability resides in an unknown function within libcrypto-1_1.dll used by FlashFXP.exe, causing uncontrolled search path manipulation. This enables a local attacker to compromise the system. The exposure is supported by multip...

CVE-2024-10068 OpenSight Software FlashFXP FlashFXP.exe uncontrolled search path

A vulnerability was found in OpenSight Software FlashFXP 5.4.0.3970. It has been classified as critical. Affected is an unknown function in the library libcrypto-11.dll of the file FlashFXP.exe. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The exploi...

CVE-2024-10068 OpenSight Software FlashFXP FlashFXP.exe uncontrolled search path

A vulnerability was found in OpenSight Software FlashFXP 5.4.0.3970. It has been classified as critical. Affected is an unknown function in the library libcrypto-11.dll of the file FlashFXP.exe. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The exploi...

PT-2024-8853 · Microsoft +1 · Msasn1.Dll +2

Name of the Vulnerable Software and Affected Versions: TOTOLINK Bluetooth Wireless Adapter A600UB affected versions not specified Description: The issue allows a local attacker to execute arbitrary code via the WifiAutoInstallDriver.exe and MSASN1.dll components. This is related to incorrect...

CVE-2024-7612

Insecure permissions in Ivanti EPMM before 12.1.0.4 allow a local authenticated attacker to modify sensitive application components...

CVE-2024-20492 Cisco Expressway Series Privilege Escalation Vulnerability

A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have Administrator-level...

Microsoft Windows Menu DC Path Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...

GHSA-GJ3P-J74V-3X57 ReLaXed Cross-site Scripting vulnerability

A vulnerability classified as problematic has been found in RelaxedJS ReLaXed up to 0.2.2. Affected is an unknown function of the component Pug to PDF Converter. The manipulation leads to cross site scripting. An attack has to be approached locally. The exploit has been disclosed to the public an...

CVE-2024-9283

A vulnerability classified as problematic has been found in RelaxedJS ReLaXed up to 0.2.2. Affected is an unknown function of the component Pug to PDF Converter. The manipulation leads to cross site scripting. An attack has to be approached locally. The exploit has been disclosed to the public an...

CVE-2024-9283 RelaxedJS ReLaXed Pug to PDF Converter cross site scripting

A vulnerability classified as problematic has been found in RelaxedJS ReLaXed up to 0.2.2. Affected is an unknown function of the component Pug to PDF Converter. The manipulation leads to cross site scripting. An attack has to be approached locally. The exploit has been disclosed to the public an...

CVE-2024-9283 RelaxedJS ReLaXed Pug to PDF Converter cross site scripting

A vulnerability classified as problematic has been found in RelaxedJS ReLaXed up to 0.2.2. Affected is an unknown function of the component Pug to PDF Converter. The manipulation leads to cross site scripting. An attack has to be approached locally. The exploit has been disclosed to the public an...

CVE-2024-9283

CVE-2024-9283 affects RelaxedJS ReLaXed up to 0.2.2, with a vulnerability in the Pug to PDF Converter component that enables cross-site scripting. The issue is local in nature; exploitation requires local access, and the exploit has been disclosed publicly and may be used. Several connected sourc...

CVE-2024-9203 Enpass Password Manager sensitive information in memory

A vulnerability, which was classified as problematic, has been found in Enpass Password Manager up to 6.9.5 on Windows. This issue affects some unknown processing. The manipulation leads to cleartext storage of sensitive information in memory. An attack has to be approached locally. The complexit...

CVE-2024-9203 Enpass Password Manager sensitive information in memory

A vulnerability, which was classified as problematic, has been found in Enpass Password Manager up to 6.9.5 on Windows. This issue affects some unknown processing. The manipulation leads to cleartext storage of sensitive information in memory. An attack has to be approached locally. The complexit...

Vulnerabilities fixed in Apple macOS

Apple fixed vulnerabilities in macOS A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of data - Circumvention of security measure - Access to sensitive data - Access to system data Fo...

PT-2024-39486 · Unknown · Enpass Password Manager

Name of the Vulnerable Software and Affected Versions: Enpass Password Manager versions up to 6.9.5 Description: A vulnerability has been found in Enpass Password Manager, which affects some unknown processing and leads to cleartext storage of sensitive information in memory. The manipulation...

Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the...

CVE-2024-40703 IBM Cognos Analytics information disclosure

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and IBM Cognos Analytics Reports for iOS 11.0.0.7 could allow a local attacker to obtain sensitive information in the form of an API key. An attacker could use this information to launch further attacks...

CVE-2024-9040

A vulnerability, which was classified as problematic, was found in code-projects Blood Bank Management System 1.0. This affects an unknown part of the component Password Handler. The manipulation leads to cleartext storage in a file or on disk. An attack has to be approached locally...

CVE-2024-9040

A vulnerability, which was classified as problematic, was found in code-projects Blood Bank Management System 1.0. This affects an unknown part of the component Password Handler. The manipulation leads to cleartext storage in a file or on disk. An attack has to be approached locally...