CVE-2023-20655
In mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203022; Issue ID: ALPS07203022...
Privilege escalation
In mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203022; Issue ID: ALPS07203022...
PT-2023-17524 · Mmsdk · Mmsdk
Name of the Vulnerable Software and Affected Versions: mmsdk (affected versions not specified). Description: The issue is related to a parcel format mismatch in mmsdk, which could lead to a possible escalation of privilege. This might result in local code execution without requiring additional...
CVE-2023-20655
CVE-2023-20655 stems from a parcel format mismatch in MediaTek’s mmsdk, enabling local privilege escalation and potential local code execution without extra privileges or user interaction. Severity is rated high (CVSSv3.1: 7.8; LOCAL attack, LOW complexity, HIGH impact on confidentiality, integri...
CVE-2020-23327
Cross-site scripting vulnerability found in ZblogCN ZblogPHP v.1.0 allows a local attacker to execute arbitrary code via a crafted payload in the title parameter of the module management model...
CVE-2022-1230
This vulnerability allows local attackers to execute arbitrary code on affected installations of Samsung Galaxy S21 prior to 4.5.40.5 phones. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...
CVE-2023-21020
In registerSignalHandlers of main.c, there is a possible local arbitrary code execution due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID...
CVE-2023-1250
Improper Input Validation vulnerability in OTRS AG OTRS ACL modules, OTRS AG OTRS Community Edition ACL modules allows Local Execution of Code. When creating/importing an ACL it was possible to inject code that gets executed via manipulated comments and ACL-names. This issue affects OTRS: from 7.0...
CVE-2023-1250
OTRS/OTRS Community Edition vulnerable to improper input validation in ACL modules, enabling local code execution via manipulated comments and ACL-names. Affected: OTRS 7.0.x before 7.0.42, 8.0.x before 8.0.31; CE 6.0.1 through 6.0.34. Remediation: upgrade to 7.0.42+ (or later), 8.0.31+ (or later...
Design/Logic Flaw
Dell PowerEdge BIOS and Dell Precision BIOS contain an improper SMM communication buffer verification vulnerability. A local malicious user with high privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service...
CVE-2022-34416
Dell PowerEdge BIOS and Dell Precision BIOS are affected by an Improper SMM communication buffer verification vulnerability. The root cause is improper verification in SMM communications, allowing a local high-privilege user to potentially execute arbitrary code or cause a denial of service. The ...
PT-2023-13401 · Dell · Dell Precision Bios +1
Name of the Vulnerable Software and Affected Versions: Dell PowerEdge BIOS (affected versions not specified); Dell Precision BIOS (affected versions not specified). Description: The issue is related to an Improper SMM communication buffer verification vulnerability. A local malicious user with high...
Vulnerability fixed in Adobe Creative Cloud Desktop Application
Adobe has fixed a vulnerability in Creative Cloud Desktop Application. A local malicious person could abuse the vulnerability to execute arbitrary code. The malicious party does not need prior authorizations on the application. Adobe has released updates to fix the vulnerability in Creative Cloud...
Vulnerabilities fixed in Adobe Dimension
Adobe has fixed vulnerabilities in Dimension. A local malicious person could exploit the vulnerabilities to execute arbitrary code with application privileges, or to gain access to sensitive data in the context of the application. Adobe has released updates to fix the vulnerabiliti...
CVE-2023-26912
Cross-site scripting (XSS) vulnerability in xenv S-mall-ssm through commit 3d9e77f7d80289a30f67aaba1ae73e375d33ef71 on Feb 17, 2020, allows local attackers to execute arbitrary code via the evaluate button...
USN-5953-1 ipython vulnerabilities
It was discovered that IPython incorrectly processed REST API POST requests. An attacker could possibly use this issue to launch a cross-site request forgery (CSRF) attack and leak user's sensitive information. This issue only affected Ubuntu 14.04 ESM. (CVE-2015-5607) It was discovered that IPython...
CVE-2023-25611
An improper neutralization of formula elements in a CSV file vulnerability in Fortinet FortiAnalyzer 6.4.0 - 6.4.9, 7.0.0 - 7.0.5, and 7.2.0 - 7.2.1 allows a local attacker to execute unauthorized code or commands via inserting spreadsheet formulas in macro names...