4292 matches found
CVE-2024-4200
In Progress® Telerik® Reporting versions prior to 2024 Q2 18.1.24.2.514, a code execution attack is possible by a local threat actor through an insecure deserialization vulnerability...
CVE-2024-3892
A local code execution vulnerability is possible in Telerik UI for WinForms beginning in v2021.1.122 but prior to v2024.2.514. This vulnerability could allow an untrusted theme assembly to execute arbitrary code on the local Windows system...
CVE-2024-3892 Local code execution vulnerability in Telerik UI for WinForms
A local code execution vulnerability is possible in Telerik UI for WinForms beginning in v2021.1.122 but prior to v2024.2.514. This vulnerability could allow an untrusted theme assembly to execute arbitrary code on the local Windows system...
CVE-2024-3892
CVE-2024-3892 affects Telerik UI for WinForms. The vulnerability allows local code execution through an untrusted theme assembly on Windows, starting from version 2021.1.122 and affecting versions before 2024.2.514. Practical impact is local compromise when processing a theme assembly within th...
PT-2024-28275 · Telerik · Telerik Ui For Winforms
Name of the Vulnerable Software and Affected Versions: Telerik UI for WinForms versions 2021.1.122 through 2024.2.514
Description: A local code execution issue is possible, allowing an untrusted theme assembly to execute arbitrary code on the local Windows system. This could lead to system...
CVE-2021-22280
Improper DLL loading algorithms in B&R Automation Studio versions >=4.0 and <4.12 may allow an authenticated local attacker to execute code in the context of the product...
Cloud customer service management platform security vulnerability
Cloud customer service management platform is an application. A security vulnerability exists in Cloud customer service management platform, which originates from the presence of a SQL injection vulnerability that could allow a local attacker to execute arbitrary code via a crafted payload...
BlueRiSC WindowsSCOPE Cyber Forensics security vulnerability
BlueRiSC WindowsSCOPE Cyber Forensics is a GUI-based memory forensic capture and analysis toolkit from BlueRiSC. A security vulnerability exists in BlueRiSC WindowsSCOPE Cyber Forensics versions prior to 3.3 that originates from a vulnerability that could allow a local attacker to execute arbitra...
PT-2024-22931 · Bluerisc · Bluerisc Windowsscope Cyber Forensics
Name of the Vulnerable Software and Affected Versions: BlueRiSC WindowsSCOPE Cyber Forensics versions prior to 3.3
Description: The issue is related to an improper DACL being applied to the device created by the briscKernelDriver.sys driver, allowing a local attacker to execute arbitrary code...
DEBIAN-CVE-2021-34981
Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to...
CVE-2024-3759
OpenHarmony v4.0.0 and prior versions allow a local attacker to achieve arbitrary code execution in the TCB through a use after free...
SUSE CVE-2024-28562
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to execute arbitrary code via the Imf22::copyIntoFrameBuffer component when reading images in EXR format...
CVE-2024-34062
A flaw was found in python-tqdm. When processing non-boolean command line arguments, python-tqdm uses Python's eval function but fails to properly sanitize the input provided by the user. This flaw allows an attacker to trick a user into running python-tqdm with crafted command line arguments,...
GHSA-4Q63-MR2M-57HF kubevirt allows a local attacker to execute arbitrary code via a crafted command
An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component...
AZL-64791 CVE-2024-33394 affecting package kubevirt for versions less than 1.5.0-2
An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component...
CVE-2023-41970
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on Windows during the Repair App functionality may allow Local Execution of Code. This issue affects Client Connector on Windows: before 4.1.0.62...
CVE-2024-23461
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on MacOS during the upgrade process may allow a Local Execution of Code. This issue affects Client Connector on MacOS: before 3.4...
CVE-2024-23461 ZCC macOS Upgrade ZIP Bomb DoS
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on MacOS during the upgrade process may allow a Local Execution of Code. This issue affects Client Connector on MacOS: before 3.4...
karmada-io karmada security vulnerability
Karmada is a Kubernetes management system open-sourced by karmada-io. A security vulnerability exists in karmada-io karmada v1.9.0 and earlier versions, which stems from a vulnerability that allows a local attacker to execute arbitrary code via a crafted command...