(0Day) oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The specific flaw exists within the parsing of STK command PDUs. The issue...

CVE-2024-7325 IObit Driver Booster BPL VCL120.BPL uncontrolled search path

A vulnerability was found in IObit Driver Booster 11.0.0.0. It has been rated as critical. Affected by this issue is some unknown functionality in the library VCL120.BPL of the component BPL Handler. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The...

CVE-2024-7325

CVE-2024-7325 affects IObit Driver Booster 11.0.0.0. The issue is in the VCL120.BPL library of the BPL Handler, causing an uncontrolled search path when manipulated. Local access is required for exploitation. Impact is described as high for confidentiality, integrity, and availability. Multiple s...

CVE-2024-7193

A vulnerability has been found in Mp3tag up to 3.26d and classified as problematic. This vulnerability affects unknown code in the library takdecolib.dll of the component DLL Handler. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The...

PT-2024-38198

Name of the Vulnerable Software and Affected Versions VIPRE Advanced Security affected versions not specified Description This issue allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute...

(Pwn2Own) Docker Desktop extension-manager Exposed Dangerous Function Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop. An attacker must first obtain the ability to execute high-privileged code within the container in order to exploit this vulnerability. The specific flaw exists within the the implemention...

(0Day) Panda Security Dome Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the PSANHost...

CVE-2024-7155

A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557B20221024 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. It is possible to launch the attack on the local...

CVE-2024-7155

TOTOLINK A3300R, version 17.0.0cu.557_B20221024, has a vulnerability in the /etc/shadow.sample file where a hard-coded password is used via an unknown functionality. This enables a local attack with high attack complexity and public disclosure of the exploit. No fixed version is listed in the pro...

CVE-2024-39556

A Stack-Based Buffer Overflow vulnerability in Juniper Networks Junos OS and Juniper Networks Junos OS Evolved may allow a local, low-privileged attacker with access to the CLI the ability to load a malicious certificate file, leading to a limited Denial of Service DoS or privileged code executio...

Unspecified Vulnerability in Dell PowerScale OneFS (CNVD-2024-31401)

Dell PowerScale OneFS is an operating system from Dell USA. PowerScale OneFS operating system that provides horizontal scaling of NAS. A security vulnerability exists in Dell PowerScale OneFS, which can be exploited by a local, highly-privileged attacker to gain root-level access...

CVE-2024-26314

Improper privilege management in Jungo WinDriver 6.0.0 through 16.1.0 allows local attackers to escalate privileges and execute arbitrary code...

DEBIAN-CVE-2024-6063

A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been classified as problematic. This affects the function m2tsdmxonevent of the file src/filters/dmxm2ts.c of the component MP4Box. The manipulation leads to null pointer dereference. An attack has to be approached locally...

CVE-2024-6063

A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been classified as problematic. This affects the function m2tsdmxonevent of the file src/filters/dmxm2ts.c of the component MP4Box. The manipulation leads to null pointer dereference. An attack has to be approached locally...

UBUNTU-CVE-2024-6063

A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been classified as problematic. This affects the function m2tsdmxonevent of the file src/filters/dmxm2ts.c of the component MP4Box. The manipulation leads to null pointer dereference. An attack has to be approached locally...

CVE-2024-6063

A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been classified as problematic. This affects the function m2tsdmxonevent of the file src/filters/dmxm2ts.c of the component MP4Box. The manipulation leads to null pointer dereference. An attack has to be approached locally...

CVE-2024-6062

A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this issue is the function swfsvgaddisosample of the file src/filters/loadtext.c of the component MP4Box. The manipulation leads to null pointer dereference. The attack needs to be...

CVE-2024-6061

A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this vulnerability is the function isoffinprocess of the file src/filters/isoffinread.c of the component MP4Box. The manipulation leads to infinite loop. It is possible to launch the...

UBUNTU-CVE-2024-6061

A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this vulnerability is the function isoffinprocess of the file src/filters/isoffinread.c of the component MP4Box. The manipulation leads to infinite loop. It is possible to launch the...

CVE-2024-6062

GPAC 2.5-DEV-rev228-g11067ea92-master (MP4Box) contains a vulnerability in function swf_svg_add_iso_sample of src/filters/load_text.c that leads to a null pointer dereference. The issue is exploitable with a local attack, and public exploits have been disclosed. A patch is available (commit 31e49...