1062 matches found
CVE-2020-10056
A vulnerability has been identified in License Management Utility LMU All versions V2.4. The lmgrd service of the affected application is executed with local SYSTEM privileges on the server while its configuration can be modified by local users. The vulnerability could allow a local authenticated...
CVE-2020-5958
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can plant a malicious DLL file, which may lead to code execution, denial of service, or information disclosure...
CVE-2020-5957
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges...
CVE-2020-5962
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges...
CVE-2020-8487
Insufficient protection of the inter-process communication functions in ABB System 800xA Base all published versions enables an attacker authenticated on the local system to inject data, affect node redundancy handling...
CVE-2019-5702
NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vulnerability when GameStream is enabled in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges...
CVE-2019-5689
NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability in the Downloader component in which a user with local system access can craft input that may allow malicious files to be downloaded and saved. This behavior may lead to code execution, denial of service, or...
CVE-2019-5701
NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature also known as a binary planting or DLL preloading attack,...
CVE-2009-3614
liboping 1.3.2 allows users reading arbitrary files upon the local system...
CVE-2024-45480 Unauthorized local file reading in B&R APROL
An improper control of generation of code 'Code Injection' vulnerability in the AprolCreateReport component of B&R APROL 4.4-00P5 may allow an unauthenticated network-based attacker to read files from the local system...
CVE-2020-8485
Insufficient protection of the inter-process communication functions in ABB System 800xA for MOD 300 all published versions enables an attacker authenticated on the local system to inject data, allowing reads and writes to the controllers or cause windows processes to crash...
CVE-2020-8484
Insufficient protection of the inter-process communication functions in ABB System 800xA for DCI all published versions enables an attacker authenticated on the local system to inject data, allowing reads and writes to the controllers or cause windows processes to crash...
dotnet: .NET Elevation of Privilege Vulnerability
An elevation of privilege vulnerability was found in .NET. This flaw allows an attacker to write a specially crafted file in the security context of the local system...
dotnet: .NET Elevation of Privilege Vulnerability
An elevation of privilege vulnerability was found in .NET. This flaw allows an attacker to write a specially crafted file in the security context of the local system...
dotnet: .NET Elevation of Privilege Vulnerability
An elevation of privilege vulnerability was found in .NET. This flaw allows an attacker to write a specially crafted file in the security context of the local system...
dotnet: .NET Elevation of Privilege Vulnerability
An elevation of privilege vulnerability was found in .NET. This flaw allows an attacker to write a specially crafted file in the security context of the local system...
CVE-2024-20121
In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08956986; Issue ID: MSV-1574...
GHSA-CWGG-57XJ-G77R changedetection.io Path Traversal
Summary When a WebDriver is used to fetch files source:file:///etc/passwd can be used to retrieve local system files, where the more traditional file:///etc/passwd gets blocked Details The root cause is the payload source:file:///etc/passwdpasses the regex here and also passes the check here wher...
Unauthorized Access
github.com/juju/juju is vulnerable to an Unauthorized Access. The vulnerability is due to improper access control over the JUJUCONTEXTID and the exposed UNIX domain socket, allowing unauthorized users on the local system with access to the default network namespace to connect and perform privileg...
Vulnerable juju hook tool abstract UNIX domain socket
Impact When combined with an attack of JUJUCONTEXTID, any user on the local system with access to the default network namespace may connect to the @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and perform actions that are normally reserved to a juju charm. Patches Patch:...