CVE-2024-20131
In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01395886; Issue ID: MSV-1873...
CVE-2024-20131
CVE-2024-20131 affects the Modem component in MediaTek chipsets. The root cause is an incorrect bounds check that can enable a local escalation of privilege, requiring local access with no user interaction. The vulnerability is described as potentially enabling System execution privileges with hi...
SUSE CVE-2024-11003
Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library Modules::ScanDeps which expects safe input. This could allow a local attacker to execute arbitrary shell commands. Please see the related CVE-2024-10224 in Modules::ScanDeps...
PT-2024-34485 · Unknown · Clementine
Name of the Vulnerable Software and Affected Versions: Clementine version 1.3.1. Description: The issue allows a local attacker to execute arbitrary code via a crafted DLL file. This can be exploited by a local attacker. Recommendations: For Clementine version 1.3.1, consider restricting access to...
PT-2024-25166 · Unknown · Ferozo Webmail
Name of the Vulnerable Software and Affected Versions: Ferozo Email version 1.1. Description: A Cross Site Scripting issue allows a local attacker to execute arbitrary code via a crafted payload to the PDF preview component. This enables the attacker to perform actions on the affected system...
PT-2024-8150 · Dell · Os10
Name of the Vulnerable Software and Affected Versions: Dell SmartFabric OS10 Software versions 10.5.3.x through 10.5.6.x. Description: The issue is related to a command injection vulnerability. A low-privileged attacker with local access could potentially exploit this vulnerability, leading to...
SUSE CVE-1999-0439
Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file...
PT-2024-5611 · Iobit · Iobit Dualsafe Password Manager
Name of the Vulnerable Software and Affected Versions: IObit DualSafe Password Manager version 1.4.0.3. Description: The issue is related to an uncontrolled search path element in the BPL Handler component of the IObit DualSafe Password Manager. This could allow an attacker to execute arbitrary...
CVE-2024-6563 Buffer Overflow Arbitrary Write
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. This vulnerability is associated with program files...
UBUNTU-CVE-2024-38476
The core of Apache HTTP Server 2.4.59 and earlier is vulnerable to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue...
CVE-2024-6287
Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image, the code neglects to consider a few cases that could allow an attacker to bypass memory range restriction and overwrite ...
CVE-2024-6287 Incorrect Address Range Calculations
Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image, the code neglects to consider a few cases that could allow an attacker to bypass memory range restriction and overwrite ...
CVE-2024-6287
CVE-2024-6287 concerns Renesas arm-trusted-firmware. The issue is an Incorrect Calculation in the image overlap/check logic that can let an attacker bypass memory range restrictions and overwrite a loaded image, potentially causing local code execution and bypass of secure boot. If exploited, thi...
CVE-2024-32922
CVE-2024-32922 involves a logic error in the Pixel GPU power management path, specifically in gpu_pm_power_on_top_nolock within pixel_gpu_power.c, which can lead to a protected memory compromise. The vulnerability could enable local escalation of privilege to the TEE with no additional execution ...