4829 matches found
CVE-2024-9040
A vulnerability, which was classified as problematic, was found in code-projects Blood Bank Management System 1.0. This affects an unknown part of the component Password Handler. The manipulation leads to cleartext storage in a file or on disk. An attack has to be approached locally...
CVE-2024-9040
CVE-2024-9040 affects code-projects Blood Bank Management System 1.0, specifically the password handling component. The issue enables cleartext storage of passwords in a file or on disk, with exploitation requiring a local attack. The CVE’s core impact is confidentiality loss and potential accoun...
CVE-2024-9040 code-projects Blood Bank Management System Password cleartext storage in a file or on disk
A vulnerability, which was classified as problematic, was found in code-projects Blood Bank Management System 1.0. This affects an unknown part of the component Password Handler. The manipulation leads to cleartext storage in a file or on disk. An attack has to be approached locally...
Ubuntu: Security Advisory (USN-7018-1)
The remote host is missing an update for the...
CVE-2024-45383
A mishandling of IRP requests vulnerability exists in the HDAudBusDMA interface of Microsoft High Definition Audio Bus Driver 10.0.19041.3636 (WinBuild.160101.0800). A specially crafted application can issue multiple IRP Complete requests which leads to a local denial-of-service. An attacker can...
Microsoft Windows BeginPaint Pen Use-After-Free Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...
Linux Kernel Plan 9 File System Race Condition Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the p9f...
CVE-2024-20469 Cisco Identity Services Engine Command Injection Vulnerability
A vulnerability in specific CLI commands in Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have valid...
PT-2024-5972 · Cisco · Cisco Nx-Os +1
Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software versions up to 10.21q Description: A vulnerability in the Python interpreter could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operati...
CVE-2024-41175
The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local denial-of-service attack by a low privileged attacker...
PT-2024-38751 · Logitech · Logitech Options
Name of the Vulnerable Software and Affected Versions: Logitech Options+ versions prior to 1.72 Description: The issue allows a local attacker to inject a dynamic library within the Logitech Options+ runtime and abuse permissions granted by the user, such as access to the Camera. This can lead to...
CVE-2024-7886
A vulnerability has been found in Scooter Software Beyond Compare up to 3.3.5.15075 and classified as critical. Affected by this vulnerability is an unknown functionality in the library 7zxa.dll. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The real...
CVE-2024-7886 Scooter Software Beyond Compare 7zxa.dll uncontrolled search path
A vulnerability has been found in Scooter Software Beyond Compare up to 3.3.5.15075 and classified as critical. Affected by this vulnerability is an unknown functionality in the library 7zxa.dll. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The real...
CVE-2024-7886
The CVE-2024-7886 entry concerns Scooter Software Beyond Compare versions up to 3.3.5.15075, where the library 7zxa.dll is implicated in an uncontrolled search path issue. The vulnerability requires local access for exploitation, with the root cause described as an unknown functionality within 7z...
Lenovo Display Control Center and Lenovo Accessories and Display Manager Security Vulnerability
Lenovo Display Control Center (LDCC) and Lenovo Accessories and Display Manager (LADM) are both products of Lenovo, China. Lenovo Display Control Center is a software platform for Lenovo displays. Lenovo Accessories and Display Manager (LADM) is a product of Lenovo, China. Lenovo Display Control Center ...
PT-2024-38659 · Scooter · Beyond Compare
Name of the Vulnerable Software and Affected Versions: Scooter Software Beyond Compare versions up to 3.3.5.15075 Description: A critical issue has been found in the library 7zxa.dll, affecting an unknown functionality. The manipulation leads to an uncontrolled search path. Local attack is requir...
CVE-2024-7738
The CVE-2024-7738 entry affects yzane vscode-markdown-pdf 1.5.0 (Markdown File Handler) and describes a pathname traversal vulnerability exploitable with local access. Several connected sources confirm the issue, with exploitation disclosed publicly (POCs/videos referenced). The root cause is unk...
PT-2024-38546
Name of the Vulnerable Software and Affected Versions: yzane vscode-markdown-pdf version 1.5.0 Description: A problematic issue has been found in the Markdown File Handler component, leading to pathname traversal. The manipulation requires a local attack. The exploit has been disclosed to the...
CVE-2024-34622
Out-of-bounds write in appending paragraph in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially execute arbitrary code with Samsung Notes privilege...
UBUNTU-CVE-2024-7537
oFono QMI SMS Handling Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...