
50 matches found

Vulnrichment
added 2025/01/28 6:52 p.m. · 4 views

CVE-2025-24479 FactoryTalk® View Machine Edition - Local Code Injection

A Local Code Execution Vulnerability exists in the product and version listed above. The vulnerability is due to a default setting in Windows and allows access to the Command Prompt as a higher privileged user...

CVSS 8.6 · AI score 6.9 · EPSS 0.00059
Exploits 0 · References 1
Cvelist
added 2025/01/28 6:52 p.m. · 9 views

CVE-2025-24479 FactoryTalk® View Machine Edition - Local Code Injection

A Local Code Execution Vulnerability exists in the product and version listed above. The vulnerability is due to a default setting in Windows and allows access to the Command Prompt as a higher privileged user...

CVSS 8.6 · EPSS 0.00059
Exploits 0 · References 1
Positive Technologies
added 2025/01/28 12:00 a.m. · 2 views

PT-2025-5371 · Rockwell Automation · Factorytalk® View Site Edition

Name of the Vulnerable Software and Affected Versions: Product and version affected versions not specified Description: A Local Code Injection issue exists due to incorrect default permissions, allowing for the execution of DLLs with higher-level permissions. Recommendations: At the moment, there...

CVSS 7 · AI score 7.5 · EPSS 0.00042
Exploits 0 · References 4
Positive Technologies
added 2025/01/21 12:00 a.m. · 4 views

PT-2025-3122 · Unknown · Rar Extractor - Unarchiver

Name of the Vulnerable Software and Affected Versions: RAR Extractor - Unarchiver Free and Pro version 6.4.0 Description: The issue allows local attackers to inject arbitrary code, potentially leading to remote control and unauthorized access to sensitive user data via the exploit combined.dylib...

CVSS 5.5 · AI score 6.9 · EPSS 0.02389
Exploits 0 · References 6
Cvelist
added 2024/09/30 12:33 p.m. · 17 views

CVE-2024-6051 Cross Application Scripting in Redlink SDK

Cross Application Scripting vulnerability in Vercom S.A. Redlink SDK in specific situations allows local code injection and to manipulate the view of a vulnerable application. This issue affects Redlink SDK versions through 1.13...

CVSS 4.2 · EPSS 0.00043
Exploits 0 · References 2
Positive Technologies
added 2024/09/30 12:00 a.m. · 2 views

PT-2024-37346 · Vercom S.A. · Redlink Sdk

Name of the Vulnerable Software and Affected Versions: Redlink SDK versions through 1.13 Description: A Cross Application Scripting vulnerability is present in Vercom S.A. Redlink SDK. In certain cases, it allows local code injection and manipulation of the view of a vulnerable application...

CVSS 4.2 · AI score 7.2 · EPSS 0.00043
Exploits 0 · References 7
CNNVD
added 2024/09/30 12:00 a.m. · 2 views

Redlink SDK Security Vulnerability

Redlink SDK is an open source library from Vercom S.A.. A security vulnerability exists in Redlink SDK version 1.13 and earlier, which originates from a vulnerability that allows local code to inject and manipulate the view of a vulnerable application under certain circumstances...

CVSS 4.2 · AI score 6.6 · EPSS 0.00043
Exploits 0 · References 3
CNNVD
added 2024/05/19 12:00 a.m. · 1 views

Zammad Security Vulnerability

Zammad is a suite of ticket management software from the German company Zammad. A security vulnerability exists in Zammad versions prior to 6.3.1, which originates from a vulnerability that allows a local attacker to modify the gem file to inject arbitrary code into a process...

CVSS 6.7 · AI score 6.8 · EPSS 0.0009
Exploits 0 · References 2
OSV
added 2023/10/30 4:15 a.m. · 2 views

CVE-2023-44141

Inkdrop prior to v5.6.0 allows a local attacker to conduct a code injection attack by having a legitimate user open a specially crafted markdown file...

CVSS 7.8 · AI score 5.8 · EPSS 0.00047
Exploits 0 · References 3
OSV
added 2023/10/10 11:15 a.m. · 1 views

CVE-2023-45205

A vulnerability has been identified in SICAM PAS/PQS All versions = V8.00 V8.20. The affected application is installed with specific files and folders with insecure permissions. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges to NT AUTHORITY/SYSTE...

CVSS 7.8 · AI score 5.9 · EPSS 0.0006
Exploits 0 · References 2
OSV
added 2023/10/10 11:15 a.m. · 2 views

CVE-2022-30527

A vulnerability has been identified in SINEC NMS All versions V2.0. The affected application assigns improper access rights to specific folders containing executable files and libraries. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges...

CVSS 7.8 · AI score 5.9 · EPSS 0.0008
Exploits 0 · References 2
OSV
added 2023/03/07 8:15 p.m. · 1 views

CVE-2023-1003

A vulnerability, which was classified as critical, was found in Typora up to 1.5.5 on Windows. Affected is an unknown function of the component WSH JScript Handler. The manipulation leads to code injection. An attack has to be approached locally. The exploit has been disclosed to the public and m...

CVSS 7.8 · AI score 5.5 · EPSS 0.00166
Exploits 1 · References 3
SUSE CVE
added 2023/02/15 4:27 a.m. · 2 views

SUSE CVE-2018-11781

Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax...

CVSS 7.8 · AI score 9.4 · EPSS 0.00252
Exploits 0 · References 6
OSV
added 2021/05/06 3:27 p.m. · 0 views

GHSA-C57F-4VP2-JQHM Insecure temporary directory usage in frontend build functionality of Vaadin 14 and 15-19

Insecure temporary directory usage in frontend build functionality of com.vaadin:flow-server versions 2.0.9 through 2.5.2 Vaadin 14.0.3 through Vaadin 14.5.2, 3.0 prior to 6.0 Vaadin 15 prior to 19, and 6.0.0 through 6.0.5 Vaadin 19.0.0 through 19.0.4 allows local users to inject malicious code...

CVSS 6.3 · AI score 7.1
Exploits 0 · References 2
OSV
added 2020/11/17 2:15 a.m. · 1 views

CVE-2020-27192

BinaryNights ForkLift 3.4 was compiled with the com.apple.security.cs.disable-library-validation flag enabled which allowed a local attacker to inject code into ForkLift. This would allow the attacker to run malicious code with escalated privileges through ForkLift's helper tool...

CVSS 7.8 · AI score 7.2 · EPSS 0.00035
Exploits 1 · References 1
CNVD
added 2019/08/13 12:00 a.m. · 1 views

Dell Digital Delivery and Alienware Digital Delivery privilege escalation vulnerability (CNVD-2019-27450)

Dell Digital Delivery and Alienware Digital Delivery are both Dell USA Inc. applications that are used exclusively for Dell computer equipment to purchase pre-installed software for computers online. An elevation of privilege vulnerability exists in Dell Digital Delivery and Alienware Digital...

CVSS 7.8 · AI score 7.1 · EPSS 0.00126
Exploits 0 · References 1
OSV
added 2019/07/30 6:15 p.m. · 2 views

CVE-2019-14242

An issue was discovered in Bitdefender products for Windows Bitdefender Endpoint Security Tool versions prior to 6.6.8.115; and Bitdefender Antivirus Plus, Bitdefender Internet Security, and Bitdefender Total Security versions prior to 23.0.24.120 that can lead to local code injection. A local...

CVSS 6.7 · AI score 6.7 · EPSS 0.00122
Exploits 0 · References 1
CNVD
added 2019/02/20 12:00 a.m. · 3 views

Intel USB 3.0 eXtensible Host Controller Driver Local Code Injection Vulnerability

Intel USB 3.0 eXtensible Host Controller Driver for Microsoft Windows 7 is a USB (Universal Serial Bus) 3.0 eXtensible Host Controller Driver for the Windows 7 platform from Intel Corporation. A code injection vulnerability exists in the installer in...

CVSS 6.7 · AI score 7 · EPSS 0.00137
Exploits 0 · References 1
Tenable Nessus
added 2018/10/15 12:00 a.m. · 37 views

Scientific Linux Security Update : spamassassin on SL7.x x86_64 (20181011)

Security Fixes : - spamassassin: Certain unclosed tags in crafted emails allow for scan timeouts and result in denial of service CVE-2017-15705 - spamassassin: Local user code injection in the meta rule syntax CVE-2018-11781 (C) Tenable Network Security, Inc. The descriptive text is (C) Scientific...

CVSS 7.8 · AI score 6.7 · EPSS 0.01771
Exploits 0 · References 3
OSV
added 2018/09/17 2:29 p.m. · 1 views

ALPINE-CVE-2018-11781

Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax...

CVSS 7.8 · AI score 7.3 · EPSS 0.00252
Exploits 0 · References 1