Design/Logic Flaw

A vulnerability, which was classified as problematic, has been found in Filseclab Twister Antivirus 8.17. Affected by this issue is the function 0x220017 in the library ffsmon.sys of the component IoControlCode Handler. The manipulation leads to denial of service. An attack has to be approached...

CVE-2023-0887

A vulnerability was found in phjounin TFTPD64-SE 4.64 and classified as critical. This issue affects some unknown processing of the file tftpd64svc.exe. The manipulation leads to unquoted search path. An attack has to be approached locally. The complexity of an attack is rather high. The...

Design/Logic Flaw

A vulnerability was found in phjounin TFTPD64-SE 4.64 and classified as critical. This issue affects some unknown processing of the file tftpd64svc.exe. The manipulation leads to unquoted search path. An attack has to be approached locally. The complexity of an attack is rather high. The...

CVE-2023-0887

CVE-2023-0887 affects phjounin TFTPD64-SE 4.64, exploiting the tftpd64_svc.exe component via an unquoted search path. The issue is exploitable only locally, with attack complexity reported as high and required privileges low; user interaction is none, and the impact is described as high for confi...

SUSE CVE-2004-1186

Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service application crash...

SUSE CVE-2006-7254

The nscd daemon in the GNU C Library glibc before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon...

SUSE CVE-2007-2511

Buffer overflow in the userfilterfactorycreate function in PHP before 5.2.2 has unknown impact and local attack vectors...

SUSE CVE-2010-1162

The releaseonetty function in drivers/char/ttyio.c in the Linux kernel before 2.6.34-rc4 omits certain required calls to the putpid function, which has unspecified impact and local attack vectors...

SUSE CVE-2010-4450

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.229 and earlier for Solaris and Linux allows local standalone applications to affect...

SUSE CVE-2011-1680

ncpmount in ncpfs 2.2.6 and earlier does not remove the /etc/mtab lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors...

SUSE CVE-2011-3869

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file...

SUSE CVE-2013-4588

Multiple stack-based buffer overflows in net/netfilter/ipvs/ipvsctl.c in the Linux kernel before 2.6.33, when CONFIGIPVS is used, allow local users to gain privileges by leveraging the CAPNETADMIN capability for 1 a getsockopt system call, related to the doipvsgetctl function, or 2 a setsockopt...

SUSE CVE-2015-1338

kernelcrashdump in Apport before 2.19 allows local users to cause a denial of service disk consumption or possibly gain privileges via a 1 symlink or 2 hard link attack on /var/crash/vmcore.log...

SUSE CVE-2016-8405

An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising ...

SUSE CVE-2016-10277

An elevation of privilege vulnerability in the Motorola bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing...

SUSE CVE-2017-0386

An elevation of privilege vulnerability in the libnl library could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally...

SUSE CVE-2017-0627

An information disclosure vulnerability in the kernel UVC driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...

SUSE CVE-2017-6348

The hashbindelete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service deadlock via crafted operations on IrDA devices...

SUSE CVE-2017-15108

spice-vdagent up to and including 0.17.0 does not properly escape save directory before passing to shell, allowing local attacker with access to the session the agent runs in to inject arbitrary commands to be executed...

SUSE CVE-2018-6084

Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via an executable file...