CVE-2023-1187

A vulnerability was found in FabulaTech Webcam for Remote Desktop 2.8.42 and classified as problematic. This issue affects some unknown processing in the library ftwebcam.sys of the component Global Variable Handler. The manipulation leads to denial of service. It is possible to launch the attack...

CVE-2023-1189

CVE-2023-1189 affects WiseCleaner Wise Folder Hider (v4.4.3.202) — the vulnerability lies in the WiseFs64.sys IoControlCode Handler, specifically within functions 0x222400/0x222404/0x222410. The manipulation leads to a denial of service and requires a local attack vector. A PoC/exploit has been p...

CVE-2023-1189 WiseCleaner Wise Folder Hider IoControlCode WiseFs64.sys 0x222410 denial of service

A vulnerability was found in WiseCleaner Wise Folder Hider 4.4.3.202. It has been declared as problematic. Affected by this vulnerability is the function 0x222400/0x222404/0x222410 in the library WiseFs64.sys of the component IoControlCode Handler. The manipulation leads to denial of service. An...

PT-2023-10632 · Unknown · Vocable Trainer

Name of the Vulnerable Software and Affected Versions: hgzojer Vocable Trainer versions up to 1.3.0 Description: A critical vulnerability was found in the hgzojer Vocable Trainer, affecting unknown code of the file VocableTrainerProvider.java. The manipulation leads to path traversal, and attacki...

PT-2023-16792 · Unknown · Kylin-Activation

Name of the Vulnerable Software and Affected Versions: kylin-activation versions prior to 1.3.11-23 and 1.30.10-5.p23 Description: A critical issue was found in the File Import component of kylin-activation, leading to improper authorization. The attack must be approached locally. The exploit has...

PUB-A-242203672

In ffamrdprot of sharedmem.c, there is a possible ID due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-239630493

In fdtnexttag of fdt.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-25540

Dell PowerScale OneFS 9.4.0.x contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability to overwrite arbitrary files causing denial of service...

CVE-2023-20940

In the Android operating system, there is a possible way to replace a boot partition due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

PT-2023-16716 · Techpowerup · Techpowerup Realtemp

Name of the Vulnerable Software and Affected Versions: TechPowerUp RealTemp version 3.7.0.0 Description: A critical vulnerability was found in the library WinRing0x64.sys, leading to improper initialization. The attack must be approached locally. The exploit has been disclosed to the public and m...

CVE-2023-1007

A vulnerability was found in Twister Antivirus 8.17. It has been declared as critical. This vulnerability affects the function 0x801120E4 in the library filmfd.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. The attack needs to be approached locally...

CVE-2023-1007

A vulnerability was found in Twister Antivirus 8.17. It has been declared as critical. This vulnerability affects the function 0x801120E4 in the library filmfd.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. The attack needs to be approached locally...

Improper access control

A vulnerability was found in Twister Antivirus 8.17. It has been declared as critical. This vulnerability affects the function 0x801120E4 in the library filmfd.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. The attack needs to be approached locally...

CVE-2023-1010 vox2png vox2png.c heap-based overflow

A vulnerability classified as critical was found in vox2png 1.0. Affected by this vulnerability is an unknown functionality of the file vox2png.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...

CVE-2023-1007 Twister Antivirus IoControlCode filmfd.sys 0x801120E4 access control

A vulnerability was found in Twister Antivirus 8.17. It has been declared as critical. This vulnerability affects the function 0x801120E4 in the library filmfd.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. The attack needs to be approached locally...

K53197140: BIG-IP iControl REST and tmsh vulnerabilities CVE-2022-26835

Security Advisory Description Directory traversal vulnerabilities exist in undisclosed iControl REST endpoints and TMOS Shell tmsh commands in F5 BIG-IP Guided Configuration, which may allow an authenticated attacker with at least resource administrator role privileges to read arbitrary files...

PT-2023-16611 · Unknown · Cxasm Notepad

Name of the Vulnerable Software and Affected Versions: cxasm notepad version 1.22 Description: A problematic issue was found in the Directory Comparison Handler component, which can be exploited to cause denial of service. The attack must be launched locally. Recommendations: For cxasm notepad...

PT-2023-16590 · Phjounin · Tftpd64-Se

Name of the Vulnerable Software and Affected Versions: phjounin TFTPD64-SE version 4.64 Description: A critical issue affects the processing of the file tftpd64 svc.exe, leading to an unquoted search path. The manipulation can be exploited locally, with a rather high complexity of attack and...

SUSE CVE-2005-1263

The elfcoredump function in binfmtelf.c for Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4 allows local users to execute arbitrary code via an ELF binary that, in certain conditions involving the createelftables function, causes a negative length argument to pass ...

SUSE CVE-2007-1592

net/ipv6/tcpipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6flsocklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service OOPS or double free by opening a listening IPv6 socket, attaching a flow label, and connecting to...