CVE-2021-25758

In JetBrains IntelliJ IDEA before 2020.3, potentially insecure deserialization of the workspace model could lead to local code execution...

MGASA-2021-0062 Updated kernel-linus packages fix security vulnerability

This kernel-linus update is based on upstream 5.10.12 and fixes at least the following security issue: An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel CVE-2021-3347...

CVE-2021-3347

An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458...

Vulnerabilities fixed in Adobe products

Adobe has fixed vulnerabilities in several products from Adobe. The vulnerabilities allow a locally authenticated malicious party to execute arbitrary code under permissions of the application or to obtain elevated privileges. Adobe has released updates to fix the vulnerabilities. More informatio...

CVE-2018-8726

K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code local. The component is: K7TSMngr.exe...

CVE-2018-9333

K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code local. The component is: K7TSMngr.exe...

CVE-2018-8725

K7Computing Pvt Ltd K7AntiVirus Premium 15.01.00.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code local. The component is: K7TSMngr.exe...

CVE-2018-8726

K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code local. The component is: K7TSMngr.exe...

CVE-2020-4739

IBM DB2 Accessories Suite for Linux, UNIX, and Windows, DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft...

CVE-2020-5992

NVIDIA GeForce NOW application software on Windows, all versions prior to 2.0.25.119, contains a vulnerability in its open-source software dependency in which the OpenSSL library is vulnerable to binary planting attacks by a local user, which may lead to code execution or escalation of privileges...

CVE-2020-25174

A DLL hijacking vulnerability in the B. Braun OnlineSuite Version AP 3.0 and earlier allows local attackers to execute code on the system as a high privileged user...

CVE-2020-28046

ProlinOS up to version 2.4.161.8859R is affected. A local attacker with normal user (MAINAPP) privileges can escalate to root by abusing a setuid xtables-multi binary and using the ip6tables --modprobe switch. The connected records confirm the root-cause is the setuid installation and ip6tables m...

CVE-2020-4723

IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force I...

CVE-2020-4722

IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force I...

CVE-2020-4724

IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system...

CVE-2020-4721

IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force I...

CVE-2020-11858

Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge containerized. The vulneravility affects: 1. Operation Bridge Manager versions: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10...

Vulnerability fixed in IBM Informix

IBM has fixed a vulnerability in Informix. A local malicious party could potentially exploit the vulnerability to execute arbitrary code under the privileges of the informix user. IBM has released updates to fix the vulnerability in Informix Dynamic Server. For more information, see:...

Vulnerability fixed in Cisco Webex Teams for Windows

Cisco has fixed a vulnerability in the Windows client of Cisco Webex Teams. The vulnerability allows a local, authenticated malicious person to execute arbitrary code execute under privileges of other local users. This requires a malicious DLL file must be placed in a specific location of the fil...

Debian DLA-2383-1 : nfdump security update

Two issues have been found in nfdump, a netflow capture daemon. Both issues are related to either a buffer overflow or an integer overflow, which could result in a denial of service or a local code execution. For Debian 9 stretch, these problems have been fixed in version 1.6.15-3+deb9u1. We...