PT-2023-22401 · Unknown · Facemoji Emoji Keyboard

Name of the Vulnerable Software and Affected Versions: Facemoji Emoji Keyboard version 2.9.1.2 Description: A local attacker can cause a denial of service via the SharedPreference files. Recommendations: For Facemoji Emoji Keyboard version 2.9.1.2, update to a newer version that contains a fix fo...

(Pwn2Own) Apple macOS /dev/fd Race Condition Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the /dev/fd filesystem...

CVE-2022-48439

In cpdump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed...

CVE-2023-3098

A vulnerability classified as critical has been found in KylinSoft youker-assistant on KylinOS. Affected is the function restoreallsoundfile. The manipulation leads to path traversal: '../filedir'. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...

CVE-2023-3098

A vulnerability classified as critical has been found in KylinSoft youker-assistant on KylinOS. Affected is the function restoreallsoundfile. The manipulation leads to path traversal: '../filedir'. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...

Path traversal

A vulnerability classified as critical has been found in KylinSoft youker-assistant on KylinOS. Affected is the function restoreallsoundfile. The manipulation leads to path traversal: '../filedir'. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...

CVE-2023-3098 KylinSoft youker-assistant restore_all_sound_file path traversal

A vulnerability classified as critical has been found in KylinSoft youker-assistant on KylinOS. Affected is the function restoreallsoundfile. The manipulation leads to path traversal: '../filedir'. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...

CVE-2023-3096

CVE-2023-3096 affects the KylinSoft kylin-software-properties component on KylinOS. The issue lies in the function changedSource , which enables improper access controls and can be exploited locally. The vulnerability has been exploited publicly and a fix is available in version 0.0.1-130 ; upgra...

CVE-2023-3096 KylinSoft kylin-software-properties changedSource access control

A vulnerability was found in KylinSoft kylin-software-properties on KylinOS. It has been declared as critical. This vulnerability affects the function changedSource. The manipulation leads to improper access controls. An attack has to be approached locally. The exploit has been disclosed to the...

CVE-2023-3096 KylinSoft kylin-software-properties changedSource access control

A vulnerability was found in KylinSoft kylin-software-properties on KylinOS. It has been declared as critical. This vulnerability affects the function changedSource. The manipulation leads to improper access controls. An attack has to be approached locally. The exploit has been disclosed to the...

CVE-2023-3091

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in Captura up to 8.0.0. It has been declared as critical. This vulnerability affects unknown code in the library CRYPTBASE.dll. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The complexity of an attack i...

Design/Logic Flaw

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in Captura up to 8.0.0. It has been declared as critical. This vulnerability affects unknown code in the library CRYPTBASE.dll. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The complexity of an attack i...

CVE-2023-3091

CVE-2023-3091 affects Captura up to version 8.0.0, with a vulnerability in the CRYPTBASE.dll library that leads to an uncontrolled search path. The issue is local, requires low privileges, and has high confidentiality, integrity, and availability impact per NVD metrics; exploitation is described ...

PT-2023-23040 · Unknown +1 · Cryptbase.Dll +1

Name of the Vulnerable Software and Affected Versions: Captura versions up to 8.0.0 Description: A critical vulnerability was found in Captura, affecting unknown code in the library CRYPTBASE.dll. The manipulation leads to an uncontrolled search path. Attacking locally is a requirement, and the...

PT-2023-3469 · Unknown · Omicard Edm +1

Name of the Vulnerable Software and Affected Versions: OMICARD EDM ITPison affected versions not specified OMICARD EDM affected versions not specified Description: The issue is related to the file uploading function in the OMICARD EDM backend system, which does not restrict the upload of files wi...

CVE-2023-28351

Summary: CVE-2023-28351 affects Faronics Insight 10.0.19045 (Windows) where every keystroke by any user on a system with the Student application is logged to a world‑readable directory. A local attacker can trivially access these cleartext keystrokes, enabling potential collection of PII and comp...

CVE-2023-2874

A vulnerability, which was classified as problematic, has been found in Twister Antivirus 8. This issue affects the function 0x804f2158/0x804f2154/0x804f2150/0x804f215c/0x804f2160/0x80800040/0x804f214c/0x804f2148/0x804f2144/0x801120e4/0x804f213c/0x804f2140 in the library filppd.sys of the compone...

CVE-2023-2872

A vulnerability classified as problematic has been found in FlexiHub 5.5.14691.0. This affects the function 0x220088 in the library fusbhub.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been...

Null pointer dereference

A vulnerability was found in FabulaTech USB for Remote Desktop 6.1.0.0. It has been rated as problematic. Affected by this issue is the function 0x220448/0x220420/0x22040c/0x220408 of the component IoControlCode Handler. The manipulation leads to null pointer dereference. The attack needs to be...

CVE-2023-2871 FabulaTech USB for Remote Desktop IoControlCode 0x220408 null pointer dereference

A vulnerability was found in FabulaTech USB for Remote Desktop 6.1.0.0. It has been rated as problematic. Affected by this issue is the function 0x220448/0x220420/0x22040c/0x220408 of the component IoControlCode Handler. The manipulation leads to null pointer dereference. The attack needs to be...