CVE-2024-11139

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could allow local attackers to exploit these issues to potentially execute arbitrary code when opening a malicious project file...

CVE-2024-55503

An issue in termius before v.9.9.0 allows a local attacker to execute arbitrary code via a crafted script to the DYLDINSERTLIBRARIES component...

UBUNTU-CVE-2024-55503

An issue in termius before v.9.9.0 allows a local attacker to execute arbitrary code via a crafted script to the DYLDINSERTLIBRARIES component...

CVE-2025-22394

Dell Display Manager, versions prior to 2.3.2.18, contain a Time-of-check Time-of-use TOCTOU Race Condition vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to code execution and possibly privilege escalation...

dingfanzu 安全漏洞

dingfanzu is a php based takeaway ordering website. A SQL injection vulnerability exists in dingfanzu v1.0, which stems from the application's lack of validation of externally entered SQL statements. A local attacker can exploit this vulnerability to execute arbitrary code via the contents of the...

PT-2025-4754 · Unknown · Dingfanzu Cms

Name of the Vulnerable Software and Affected Versions: dingfanzuCMS version 1.0 Description: The issue allows a local attacker to execute arbitrary code due to incorrect filtering of content at the checkOrder.php shopId module. This enables the attacker to perform SQL injection attacks...

CVE-2022-27595

An insecure library loading vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local attackers who have gained user access to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: QVPN Windo...

Siemens Engineering Platforms

SUMMARY Affected products contain a local arbitrary code execution vulnerability that could allow an attacker to perform actions against the operation system of that environment. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet...

PT-2024-17563 · Sourcecodester · Sourcecodester Phone Contact Manager System

Name of the Vulnerable Software and Affected Versions: SourceCodester Phone Contact Manager System version 1.0 Description: The issue is related to a buffer overflow in memory. It is possible to launch the attack on the local host. The manipulation of the UserInterface::MenuDisplayStart function ...

CVE-2024-30961

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the error-thrown mechanism in nav2btnavigator...

CVE-2024-37862

Buffer Overflow vulnerability in Open Robotic Robotic Operating System 2 ROS2 navigation2- ROS2-humble&& navigation2-humble allows a local attacker to execute arbitrary code via a crafted .yaml file to the nav2planner process...

CVE-2024-30962

Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the nav2amcl process...

CVE-2024-30964

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the initialposesub thread created by nav2btnavigator...

CVE-2024-37862

CVE-2024-37862 describes a Buffer Overflow in ROS 2 navigation2 (navigation2-humble) affecting the nav2_planner component. A local attacker can execute arbitrary code by providing a crafted .yaml file to the nav2_planner process. Documented impact includes potential full system compromise; CVSS v...

CVE-2024-37860

The CVE-2024-37860 entry concerns a buffer overflow in ROS 2 navigation2 (navigation2-humble) affecting the nav2_amcl process. Affected component is navigation2/nav2_amcl; the root cause is a crafted YAML file that can overflow a buffer, enabling a local attacker to execute arbitrary code . The p...

PT-2024-23693 · Open Robotics · Ros2 +1

Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble Description: A Buffer Overflow issue allows a local attacker to execute arbitrary code via a crafted script. This issue exists in the navigation2...

CVE-2024-30962

Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the nav2amcl process...

Cisco Small Business SPA300 and SPA500 Series IP Phones Local Code Execution (CVE-2014-3312)

The debug console interface on Cisco Small Business SPA300 and SPA500 phones does not properly perform authentication, which allows local users to execute arbitrary debug-shell commands, or read or modify data in memory or a filesystem, via direct access to this interface, aka Bug ID CSCun77435...

CVE-2024-49410

Out-of-bounds write in libswmfextractor.so prior to SMR Dec-2024 Release 1 allows local attackers to execute arbitrary code...

CVE-2024-29404

An issue in Razer Synapse 3 v.3.9.131.20813 and Synapse 3 App v.20240213 allows a local attacker to execute arbitrary code via the export parameter of the Chroma Effects function in the Profiles component...