116 matches found

RedhatCVE
added 2025/05/23 4:12 a.m. | 9 views

CVE-2023-39985

UNSUPPORTED WHEN ASSIGNED Out-of-bounds Write vulnerability in Hitachi EH-VIEW Designer allows local attackers to potentially execute arbitrary code on affected EH-VIEW installations. User interaction is required to exploit the vulnerabilities in that the user must open a malicious file. NOTE: Thi...

7.8 CVSS | 6.9 AI score | 0.00057 EPSS
Exploits: 0

RedhatCVE
added 2025/05/23 3:38 a.m. | 7 views

CVE-2023-28864

Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. The data...

5.5 CVSS | 6.4 AI score | 0.00065 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 1:45 a.m. | 5 views

CVE-2023-20236

A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating...

7.8 CVSS | 6.5 AI score | 0.00016 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 4:53 p.m. | 6 views

CVE-2020-9149

An application error verification vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to modify and delete user SMS messages...

5.5 CVSS | 6.8 AI score | 0.00023 EPSS
Exploits: 0 | References: 1

Zero Day Initiative
added 2025/05/21 12:0 a.m. | 8 views

Linux Kernel OpenvSwitch Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handlin...

6.7 CVSS | 6.6 AI score
Exploits: 0 | References: 1

Vulnrichment
added 2025/05/19 2:59 p.m. | 5 views

CVE-2025-3908

The configuration initialization tool in OpenVPN 3 Linux v20 through v24 on Linux allows a local attacker to use symlinks pointing at an arbitrary directory which will change the ownership and permissions of that destination directory...

6.3 AI score | 0.0014 EPSS
Exploits: 0 | References: 1

Cvelist
added 2025/05/13 8:35 a.m. | 14 views

CVE-2025-3916

CWE-121: Stack-based Buffer Overflow vulnerability exists that could cause local attackers being able to exploit these issues to potentially execute arbitrary code while the end user opens a malicious project file SSD file provided by the attacker...

4.6 CVSS | 0.00089 EPSS
Exploits: 0 | References: 1

NVD
added 2025/05/12 5:15 p.m. | 11 views

CVE-2025-46750

SEL BIOS packages prior to 1.3.49152.117 or 2.6.49152.98 allow a local attacker to bypass password authentication and change password-protected BIOS settings by importing a BIOS settings file with no password set...

4.4 CVSS | 0.00053 EPSS
Exploits: 0 | References: 1

NVD
added 2025/05/07 9:15 a.m. | 10 views

CVE-2025-20977

Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability...

3.3 CVSS | 0.00072 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/02 8:13 p.m. | 11 views

CVE-2024-6030

Tesla Model S oFono Unnecessary Privileges Sandbox Escape Vulnerability. This vulnerability allows local attackers to escape the sandbox on affected Tesla Model S vehicles. An attacker must first obtain the ability to execute code within the sandbox on the target system in order to exploit this...

7 CVSS | 6.8 AI score | 0.00016 EPSS
Exploits: 0 | References: 3

Vulnrichment
added 2025/04/30 8:0 p.m. | 4 views

CVE-2024-6030 Tesla Model S oFono Unnecessary Privileges Sandbox Escape Vulnerability

Tesla Model S oFono Unnecessary Privileges Sandbox Escape Vulnerability. This vulnerability allows local attackers to escape the sandbox on affected Tesla Model S vehicles. An attacker must first obtain the ability to execute code within the sandbox on the target system in order to exploit this...

7 CVSS | 7 AI score | 0.00016 EPSS
Exploits: 0 | References: 1

Veracode
added 2025/04/15 3:41 a.m. | 9 views

Insecure Deserialization

lmdeploy is vulnerable to Insecure Deserialization. The vulnerability is due to unsafe handling in the `load_weight_ckpt` function of the file `lmdeploy/lmdeploy/vl/model/utils.py` of the component PT File Handler, allowing local attackers to exploit it...

7.8 CVSS | 6.5 AI score | 0.00241 EPSS
Exploits: 1 | References: 7 | Affected Software: 1

Cvelist
added 2025/04/10 1:55 a.m. | 11 views

CVE-2025-29989

Dell Client Platform BIOS contains a Security Version Number Mutable to Older Versions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to BIOS upgrade denial...

3.1 CVSS | 0.00101 EPSS
Exploits: 0 | References: 1

Positive Technologies
added 2025/04/08 12:0 a.m. | 2 views

PT-2025-15345

Name of the Vulnerable Software and Affected Versions: libsavsac.so versions prior to SMR Apr-2025 Release 1

Description: The issue is related to an out-of-bounds read in parsing audio data, which allows local attackers to read out-of-bounds memory. This can be exploited by local attackers...

7.1 CVSS | 5.4 AI score | 0.00145 EPSS
Exploits: 1 | References: 6

Tenable Nessus
added 2025/03/05 12:0 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2023-4569

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to cause...

5.5 CVSS | 6.7 AI score | 0.00013 EPSS
Exploits: 0 | References: 3

CVE
added 2025/03/04 3:44 a.m. | 54 views

CVE-2025-20024

OpenHarmony CVE-2025-20024 affects v5.0.2 and earlier. The issue is an integer overflow in pre-installed apps that allows a local attacker to achieve arbitrary code execution in restricted scenarios. Documented impact is local, with low to moderate overall severity across sources, and there is no...

5.3 CVSS | 7.5 AI score | 0.00073 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Tenable Nessus
added 2025/03/04 12:0 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2019-12439

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bubblewrap.c in Bubblewrap before 0.3.3 misuses temporary directories in /tmp as a mount point. In some particular configurations related to XDG_RUNTIME_DIR, a...

7.8 CVSS | 6.3 AI score | 0.00145 EPSS
Exploits: 0 | References: 3

NVD
added 2025/02/12 12:15 a.m. | 10 views

CVE-2020-3432

A vulnerability in the uninstaller component of Cisco AnyConnect Secure Mobility Client for Mac OS could allow an authenticated, local attacker to corrupt the content of any file in the filesystem. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit th...

5.6 CVSS | 0.00108 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/05 5:28 a.m. | 3 views

CVE-2024-1224

This vulnerability exists in USB Pratirodh due to the usage of a weaker cryptographic algorithm hash SHA1 in user login component. A local attacker with administrative privileges could exploit this vulnerability to obtain the password of USB Pratirodh on the targeted system. Successful exploitati...

7.1 CVSS | 7 AI score | 0.00018 EPSS
Exploits: 0 | References: 1

NVD
added 2024/12/30 5:15 p.m. | 15 views

CVE-2024-12754

AnyDesk Link Following Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

5.5 CVSS | 0.04485 EPSS
Exploits: 0 | References: 1