162 matches found
CVE-2025-2762
CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of CarlinKit CPC200-CCPA devices. An attacker must first obtain the ability to execute low-privileged code on the target...
CVE-2025-25244
SAP Business Warehouse Process Chains allows an attacker to manipulate the process execution due to missing authorization check. An attacker with display authorization for the process chain object could set one or all processes to be skipped. This means corresponding activities, such as data...
CVE-2025-25244
SAP Business Warehouse Process Chains allows an attacker to manipulate the process execution due to missing authorization check. An attacker with display authorization for the process chain object could set one or all processes to be skipped. This means corresponding activities, such as data...
CVE-2025-25244 Missing Authorization Check in SAP Business Warehouse (Process Chains)
SAP Business Warehouse Process Chains allows an attacker to manipulate the process execution due to missing authorization check. An attacker with display authorization for the process chain object could set one or all processes to be skipped. This means corresponding activities, such as data...
CVE-2025-25244
CVE-2025-25244 affects SAP Business Warehouse (Process Chains). The vulnerability arises from a missing authorization check that allows an attacker with display authorization for a process chain object to set one or more processes to be skipped, causing data loading, activation, or deletion steps...
SAP Business Warehouse 安全漏洞
SAP Business Warehouse is a key component for executing business processes from SAP, Germany, that allows users to design, implement, and manage business processes, ensure process compliance, and reduce the need for manual operations through automation. A security vulnerability exists in SAP...
CVE-2024-9261 IrfanView SID File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
IrfanView SID File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2024-48936
SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to jobs explicitly running with --stepmgr, or on systems that have globally enabled stepmgr via...
CVE-2024-48936
SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to jobs explicitly running with --stepmgr, or on systems that have globally enabled stepmgr via...
CVE-2024-48936
SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to jobs explicitly running with --stepmgr, or on systems that have globally enabled stepmgr via...
JVN#39280069: RevoWorks Cloud vulnerable to unintended process execution
RevoWorks Cloud provided by J’s Communication Co., Ltd. is software to build a sandbox environment isolated from a client's local environment. In the sandbox environment, the product provides the function enabling execution of web browsers and detection and blocking of unauthorized processes...
CVE-2024-41143
Origin validation error vulnerability exists in SKYSEA Client View Ver.3.013.00 to Ver.19.210.04e. If this vulnerability is exploited, an arbitrary process may be executed with SYSTEM privilege by a user who can log in to the PC where the product's Windows client is installed...
CVE-2023-40481
7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...
CVE-2023-39498
CVE-2023-39498 affects PDF-XChange Editor. A flaw in parsing JPG files leads to an out-of-bounds write, allowing arbitrary code execution in the affected process. The vulnerability requires user interaction (visiting a malicious page or opening a malicious file). The issue is caused by inadequate...
CVE-2024-4192 Stack-based Buffer Overflow vulnerability in Delta Electronics CNCSoft-G2 DOPSoft
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process...
Improper access control
Improper access control vulnerability exists in the resident process of SKYSEA Client View versions from Ver.11.220 prior to Ver.19.2. If this vulnerability is exploited, an arbitrary process may be executed with SYSTEM privilege by a user who can log in to the PC where the product's Windows clie...
CVE-2024-24964
Improper access control vulnerability exists in the resident process of SKYSEA Client View versions from Ver.11.220 prior to Ver.19.2. If this vulnerability is exploited, an arbitrary process may be executed with SYSTEM privilege by a user who can log in to the PC where the product's Windows clie...
PT-2024-20679 · Unknown · Skysea Client View
Name of the Vulnerable Software and Affected Versions: SKYSEA Client View versions from Ver.11.220 prior to Ver.19.2 Description: An improper access control issue exists in the resident process of SKYSEA Client View. This issue can be exploited to execute an arbitrary process with SYSTEM privileg...
[SECURITY] Fedora 40 Update: apache-commons-exec-1.3-31.fc40
Commons Exec is a library for dealing with external process execution and environment management in Java...
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...