4828 matches found

NVD
added 2023/08/10 2:15 a.m. · 16 views

CVE-2023-30705

Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6 allows local attackers to access privileged content providers as Galaxy Store permission...

CVSS 6.8 · AI score 6.5 · EPSS 0.00144
Exploits: 0 · References: 1

Positive Technologies
added 2023/08/10 12:0 a.m. · 5 views

PT-2023-22900 · Unknown +1 · Semwifiaptimeoutimpl +1

Name of the Vulnerable Software and Affected Versions: framework versions prior to SMR Aug-2023 Release 1 Description: The issue allows local attackers to access ContentProvider without proper permission due to a PendingIntent hijacking vulnerability in SemWifiApTimeOutImpl. Recommendations: For...

CVSS 5.3 · AI score 3.8 · EPSS 0.00137
Exploits: 0 · References: 3

ICS
added 2023/08/08 12:0 a.m. · 38 views

Siemens Software Center

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services ...

CVSS 7.8 · AI score 8.3 · EPSS 0.01884
Exploits: 0 · References: 12

Positive Technologies
added 2023/08/07 12:0 a.m. · 4 views

PT-2023-5625 · Mediatek · Imgsys

Name of the Vulnerable Software and Affected Versions: imgsys affected versions not specified Description: The issue is related to insufficient input validation in the imgsys component of MediaTek microprogram software, which can lead to memory corruption. This could allow an attacker to escalate...

CVSS 6.8 · AI score 7.1 · EPSS 0.00091
Exploits: 0 · References: 5

CVE
added 2023/08/03 9:18 p.m. · 82 views

CVE-2023-20216

Cisco BroadWorks has a local-privilege-escalation vulnerability (CVE-2023-20216) due to incorrect implementation of user role permissions. An authenticated attacker with BWORKS or BWSUPERADMIN privileges can issue crafted commands to gain root-level access on any BroadWorks server type. The flaw ...

CVSS 7.8 · AI score 7.7 · EPSS 0.00148
Exploits: 0 · References: 1 · Affected Software: 12

Hacker One
added 2023/08/03 3:30 p.m. · 60 views

Internet Bug Bounty: Cargo not respecting umask when extracting crate archives

Cargo did not respect the umask when extracting crate archives on UNIX-like systems, potentially allowing a local attacker to modify the source code compiled and executed by the current user...

CVSS 7.9 · AI score 6.8 · EPSS 0.00763
Exploits: 0

NVD
added 2023/07/23 4:15 a.m. · 8 views

CVE-2023-3842

A vulnerability was found in Pointware EasyInventory 1.0.12.0 and classified as critical. This issue affects some unknown processing of the file C:\Program Files x86\EasyInventory\Easy2W.exe. The manipulation leads to unquoted search path. Attacking locally is a requirement. The identifier...

CVSS 7.8 · AI score 7.6 · EPSS 0.00201
Exploits: 0 · References: 2

Prion
added 2023/07/23 4:15 a.m. · 19 views

Design/Logic Flaw

A vulnerability was found in Pointware EasyInventory 1.0.12.0 and classified as critical. This issue affects some unknown processing of the file C:\Program Files x86\EasyInventory\Easy2W.exe. The manipulation leads to unquoted search path. Attacking locally is a requirement. The identifier...

CVSS 6.8 · AI score 7.5 · EPSS 0.00201
Exploits: 0 · References: 2 · Affected Software: 1

Vulnrichment
added 2023/07/23 3:31 a.m. · 9 views

CVE-2023-3842 Pointware EasyInventory Easy2W.exe unquoted search path

A vulnerability was found in Pointware EasyInventory 1.0.12.0 and classified as critical. This issue affects some unknown processing of the file C:\Program Files x86\EasyInventory\Easy2W.exe. The manipulation leads to unquoted search path. Attacking locally is a requirement. The identifier...

CVSS 7.8 · AI score 6.8 · EPSS 0.00201
Exploits: 0 · References: 2

CVE
added 2023/07/17 12:0 a.m. · 55 views

CVE-2023-28864

Progress Chef Infra Server before 15.7 is affected by CVE-2023-28864. A local attacker can exploit a world-readable /var/opt/opscode/local-mode-cache/backup temporary backup path to access sensitive information, leading to disclosure of all indexed node data because OpenSearch credentials are exp...

CVSS 5.5 · AI score 5.3 · EPSS 0.00247
Exploits: 0 · References: 3 · Affected Software: 1

OSV
added 2023/07/14 6:15 p.m. · 4 views

CVE-2023-36840

A Reachable Assertion vulnerability in Routing Protocol Daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows a locally-based, low-privileged attacker to cause a Denial of Service DoS. On all Junos OS and Junos OS Evolved, when a specific L2VPN command is run, RPD will crash and...

CVSS 5.5 · AI score 5.9 · EPSS 0.00184
Exploits: 0 · References: 1

OSV
added 2023/07/12 4:15 p.m. · 3 views

CVE-2023-36266

An issue was discovered in Keeper Password Manager for Desktop version 16.10.2 fixed in 17.2, and the KeeperFill Browser Extensions version 16.5.4 fixed in 17.2, allows local attackers to gain sensitive information via plaintext password storage in memory after the user is already logged in, and...

CVSS 5.5 · AI score 5.9
Exploits: 0 · References: 4

Vulnrichment
added 2023/07/06 2:51 a.m. · 11 views

CVE-2023-30663

Improper input validation vulnerability in OemPersonalizationSetLock in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds write...

CVSS 5.3 · AI score 6.6 · EPSS 0.00164
Exploits: 0 · References: 1

Positive Technologies
added 2023/07/06 12:0 a.m. · 5 views

PT-2023-22853 · Unknown · Dataprofile

Name of the Vulnerable Software and Affected Versions: DataProfile versions prior to SMR Jul-2023 Release 1 Description: The issue is related to improper input validation, allowing local attackers to launch privileged activities. Recommendations: For versions prior to SMR Jul-2023 Release 1, upda...

CVSS 8.5 · AI score 7.3 · EPSS 0.00167
Exploits: 0 · References: 5

Positive Technologies
added 2023/07/06 12:0 a.m. · 4 views

PT-2023-22870 · Samsung · Smart Switch Pc

Name of the Vulnerable Software and Affected Versions: Smart Switch PC versions prior to 4.3.23052 1 Description: The issue is related to improper validation of integrity checks, allowing local attackers to delete arbitrary directories using directory junctions. Recommendations: For versions prio...

CVSS 5.5 · AI score 5.4 · EPSS 0.00105
Exploits: 0 · References: 3

Cvelist
added 2023/07/03 7:59 p.m. · 26 views

CVE-2023-36609

The affected TBox RTUs run OpenVPN with root privileges and can run user defined configuration scripts. An attacker could set up a local OpenVPN server and push a malicious script onto the TBox host to acquire root privileges...

CVSS 7.2 · AI score 7.1 · EPSS 0.00554
Exploits: 0 · References: 1

CNNVD
added 2023/07/03 12:0 a.m. · 2 views

osslsigncode security vulnerability

osslsigncode is a small tool by Michał Trojnara, a personal developer. It implements part of the functionality of the Microsoft tool signtool.exe. A security vulnerability exists in osslsigncode v.2.3 and earlier versions, which stems from the presence of a buffer overflow vulnerability that coul...

CVSS 7.8 · AI score 8.1 · EPSS 0.00289
Exploits: 0 · References: 6

Packet Storm
added 2023/06/26 12:0 a.m. · 258 views

Microsoft Office Remote Code Execution

Title: Microsoft Office Remote Code Execution Vulnerability Author: nu11secur1ty Date: 04.17.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en-us/microsoft-365/ Reference: https://www.crowdstrike.com/cybersecurity-101/remote-code-execution-rce/ CVE-2023-28285...

CVSS 7.8 · AI score 7.1 · EPSS 0.03011
Exploits: 4

RedhatCVE
added 2023/06/20 5:14 a.m. · 60 views

CVE-2023-29326

A vulnerability was found in dotnet. This issue can allow remote code execution. The attack itself is carried out locally, and requires user interaction...

CVSS 7.8 · AI score 7.7 · EPSS 0.009
Exploits: 0 · References: 3

NVD
added 2023/06/15 7:15 p.m. · 19 views

CVE-2023-21138

In onNullBinding of CallRedirectionProcessor.java, there is a possible long lived connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for...

CVSS 7.8 · AI score 7.8 · EPSS 0.00083
Exploits: 0 · References: 1