PT-2024-38411

Name of the Vulnerable Software and Affected Versions oFono affected versions not specified Description This issue allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit...

PT-2024-38410

Name of the Vulnerable Software and Affected Versions oFono affected versions not specified Description This issue allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit...

PT-2024-38412

Name of the Vulnerable Software and Affected Versions oFono affected versions not specified Description This issue allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit...

TRENDnet TEW-822DRE Security Vulnerability

The TRENDnet TEW-822DRE is a dual-band wireless router from TRENDnet. A security vulnerability exists in the TRENDnet TEW-822DRE version v.1.03B02, which originates from a vulnerability that allows a local attacker to execute arbitrary code via the parameter ipv4ping in /boafrm/formSystemCheck...

Thales SafeNet Authentication Client Security Vulnerability

Thales Group Thales Safenet Authentication Client is an authentication client from Thales Group, France. A security vulnerability exists in Thales SafeNet Authentication Client versions prior to 10.8 R10 that originates from a vulnerability that allows an attacker to execute code at the system...

CVE-2023-49114

A DLL hijacking vulnerability was identified in the Qognify VMS Client Viewer version 7.1 or higher, which allows local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL, if some specific pre-conditions are met...

PT-2024-20907 · Thesycon · Tusbaudio

Name of the Vulnerable Software and Affected Versions: Thesycon Software Solutions Gmbh & Co. KG TUSBAudio versions prior to 5.68.0 Description: An issue in TUSBAudio MSI-based installers allows a local attacker to execute arbitrary code via the msiexec.exe repair mode. This enables a local...

CVE-2024-25423

An issue in MAXON CINEMA 4D R2024.2.0 allows a local attacker to execute arbitrary code via a crafted c4dbase.xdl64 file...

CVE-2023-7245

The nodejs framework in OpenVPN Connect 3.0 through 3.4.3 Windows/3.4.7 macOS was not properly configured, which allows a local user to execute arbitrary code within the nodejs process context via the ELECTRONRUNASNODE environment variable...

CVE-2023-39683

Cross Site Scripting XSS vulnerability in EasyEmail v.4.12.2 and before allows a local attacker to execute arbitrary code via the user input parameters. NOTE: Researcher claims issue is present in all versions prior and later than tested version...

PT-2024-21143 · Eza · Eza

Name of the Vulnerable Software and Affected Versions: eza versions prior to 0.18.2 Description: The issue is a Buffer Overflow vulnerability that allows local attackers to execute arbitrary code via the .git/HEAD, .git/refs, and .git/objects components. This vulnerability seems to be triggered b...

CVE-2024-20813

Out-of-bounds Write in padmdvldqtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code...

CVE-2024-20812

Out-of-bounds Write in padmdvldhtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code...

CVE-2024-20812

Out-of-bounds Write in padmdvldhtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code...

Low: jasper

Issue Overview: An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code. CVE-2023-51257 Affected Packages: jasper Issue Correction: Run dnf update jasper --releasever 2023.3.20240205 or dnf update --advisory ALAS2023-2024-511...

PT-2024-18720 · Unknown · Libpadm.So

Name of the Vulnerable Software and Affected Versions: libpadm.so versions prior to SMR Feb-2024 Release 1 Description: The issue is an out-of-bounds write in the padmd vld qtbl of libpadm.so, allowing a local attacker to execute arbitrary code. Recommendations: For versions prior to SMR Feb-2024...

PT-2024-18719 · Unknown · Libpadm.So

Name of the Vulnerable Software and Affected Versions: libpadm.so versions prior to SMR Feb-2024 Release 1 Description: The issue is an out-of-bounds write in the padmd vld htbl of libpadm.so, allowing a local attacker to execute arbitrary code. Recommendations: For versions prior to SMR Feb-2024...

USN-6620-1 glibc vulnerabilities

It was discovered that the GNU C Library incorrectly handled the syslog function call. A local attacker could use this issue to execute arbitrary code and possibly escalate privileges...

CVE-2023-51835

An issue in TRENDnet TEW-822DRE v.1.03B02 allows a local attacker to execute arbitrary code via the parameters ipv4ping in the /boafrm/formSystemCheck...

PT-2024-14308 · Trendnet · Trendnet Tew-822Dre

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-822DRE version 1.03B02 Description: An issue allows a local attacker to execute arbitrary code via the ipv4 ping parameter in the "/boafrm/formSystemCheck" API endpoint. Recommendations: For TRENDnet TEW-822DRE version 1.03B02,...