CVE-2026-1342

IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 could allow a locally authenticated user to execute malicious scripts fro...

EUVD-2026-19986

IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 could allow a locally authenticated user to execute malicious scripts fro...

Lenovo One Client 安全漏洞

Lenovo One Client is a one-stop service and system management software from Lenovo China. A security vulnerability exists in Lenovo One Client that stems from a potential DLL hijacking that could lead to the execution of arbitrary code by a locally authenticated user...

Lenovo Baiying Client 安全漏洞

Lenovo Baiying Client is a digital service and device management platform from Lenovo China. A security vulnerability exists in Lenovo Baiying Client that stems from improper privileges and could lead to the execution of arbitrary code by a locally authenticated user...

Lenovo Tablets 安全漏洞

Lenovo Tablets is a line of tablet computers from the Chinese company Lenovo Lenovo. A security vulnerability exists in Lenovo Tablets that originates from a locally authenticated user or application that could access sensitive device-specific information...

EUVD-2016-7013

Malware in sbrugna...

EUVD-2022-37328

Malicious code in bioql PyPI...

EUVD-2023-31798

Malicious code in bioql PyPI...

CVE-2024-49814

IBM Security Verify Access Appliance 10.0.0 through 10.0.3 could allow a locally authenticated user to increase their privileges due to execution with unnecessary privileges...

Input validation

Prior Dell BIOS versions contain an Input Validation vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls in SMM...

Improper Privilege Management in Spring Framework

In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by recreating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFl...

CVE-2021-43589

Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT versions prior to 5.1.2.0.5.007 contain an operating system OS command injection Vulnerability. A locally authenticated user with high privileges may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands o...

CVE-2021-43589

Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT versions prior to 5.1.2.0.5.007 contain an operating system OS command injection Vulnerability. A locally authenticated user with high privileges may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands o...

CVE-2021-38863

IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read by a locally authenticated user. IBM X-Force ID: 208154...

Change Healthcare McKesson and Horizon Cardiology

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Change Healthcare Equipment: Change Healthcare Cardiology, Horizon Cardiology, McKesson Cardiology Vulnerability: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could...

Design/Logic Flaw

IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM X-Force ID: 134067...

CVE-2016-3053

IBM AIX contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges...

F5 Networks BIG-IP : NTP vulnerability (K17515)

The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service assertion failure via a 6 or mode 7 packet containing a long data value. CVE-2015-7855 Impact A locally authenticated user may be able to disrupt ntpd...

SOL17175 - OpenJDK vulnerability CVE-2015-4731

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...

Symantec Endpoint Protection Manager < 11.0 RU7-MP4a / 12.1 RU4a Multiple Vulnerabilities (SYM14-004)

The version of Symantec Endpoint Protection Manager SEPM running on the remote host is either 11.x prior to 11.0 RU7-MP4a or 12.x prior to 12.1 RU4a. It is, therefore, affected by multiple vulnerabilities: - SEPM is affected by an XML external entity injection vulnerability due to a failure to...