(Pwn2Own) VMWare Workstation VBluetoothHCI_PacketOut Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of VMWare Workstation. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

(Pwn2Own) VMware Workstation UrbBuf_getDataBuf Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

PT-2024-4470 · Windscribe · Windscribe

Name of the Vulnerable Software and Affected Versions: Windscribe affected versions not specified Description: The issue is related to a directory traversal vulnerability in the Windscribe Service, which can be exploited by local attackers to escalate privileges on affected installations of...

CVE-2023-51636

The CVE-2023-51636 issue affects Avira Prime, specifically the Avira Spotlight Service. The vulnerability arises from handling symbolic links, allowing a local attacker who already has low-privileged code execution to abuse the Spotlight Service to delete a file and escalate privileges to SYSTEM....

CVE-2023-44247

A double free vulnerability CWE-415 vulnerability in Fortinet FortiOS 6.4 all versions may allow a privileged attacker to execute code or commands via crafted HTTP or HTTPs requests...

Microsoft Windows Search Service Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Windows Search...

CVE-2021-34999

OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of OpenBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the targ...

CVE-2021-34981

Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to...

CVE-2021-34981

Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to...

CVE-2021-35000 OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability

OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of OpenBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the targ...

CVE-2021-35000

OpenBSD Kernel multicast routing contains an uninitialized memory access flaw that leads to local information disclosure. The vulnerability exists in the multicast routing implementation and allows a local attacker who can execute low-privilege code to obtain sensitive kernel memory contents. The...

CVE-2021-34999

CVE-2021-34999 affects the OpenBSD kernel’s multicast routing path. The flaw is uninitialized memory access in the multicast routing code, enabling a local attacker who can execute low-privilege code to disclose sensitive kernel memory and potentially escalate privileges. Exploitation details or ...

CVE-2021-34999 OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability

OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of OpenBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the targ...

CVE-2021-34999 OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability

OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of OpenBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the targ...

CVE-2021-34981

Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to...

CVE-2021-34981 Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability

Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to...

CVE-2021-34981

CVE-2021-34981 concerns the Linux kernel’s Bluetooth CMTP module. The issue stems from failing to validate the existence of an object before performing free operations, enabling a local attacker to escalate privileges by executing code in the kernel context (double free). The vulnerability is lin...

CVE-2021-34981 Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability

Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to...

CVE-2023-32177

VIPRE Antivirus Plus DeleteHistoryFile Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to execute low-privileged code on the...

CVE-2023-32176

VIPRE Antivirus Plus SetPrivateConfig Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to execute low-privileged code on the...