704 matches found
ZkTeco OEM Path Traversal Vulnerability
ZkTeco OEM is an intelligent system from the Chinese company ZkTeco. ZkTeco OEM contains a path traversal vulnerability that allows an attacker to access any file on the system. The following products and versions are affected: ZkTeco ProFace X, Smartec ST-FR043, Smartec...
DEBIAN-CVE-2024-35790
In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group. The DisplayPort driver's sysfs nodes may be present to the userspace before typec_altmode_set_drvdata completes in dp_altmode_probe. This...
Unspecified Vulnerability in Microsoft Win32K (CNVD-2024-24945)
Microsoft Win32k is a system file for Windows multi-user management from Microsoft USA. A security vulnerability exists in Microsoft Win32K. An attacker could exploit the vulnerability to cause elevation of privilege...
Progress Software Telerik Report Server Security Vulnerability
Progress Software Telerik Report Server is an enterprise-level report management and distribution solution from Progress Software. A security vulnerability exists in Progress Software Telerik Report Server version 2024 Q1 and prior versions. An attacker could exploit the vulnerability to read system...
CVE-2024-29994
Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability...
CVE-2024-29994
CVE-2024-29994 is Microsoft Windows SCSI Class System File Elevation of Privilege. Connected sources (NCSC advisory) list CVE-2024-29994 with CVSS v3.1 base 7.8 (high), Local attack vector, Low privileges required, no user interaction, and impact to confidentiality, integrity, and availability. T...
CVE-2024-0100
NVIDIA Triton Inference Server for Linux contains a vulnerability in the tracing API, where a user can corrupt system files. A successful exploit of this vulnerability might lead to denial of service and data tampering...
KLA67433 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A remote cod...
PT-2024-15343 · Nvidia · Nvidia Triton Inference Server
Name of the Vulnerable Software and Affected Versions: NVIDIA Triton Inference Server for Linux affected versions not specified Description: The issue is related to a vulnerability in the tracing API, which can be exploited to corrupt system files. This could potentially lead to denial of service...
CVE-2023-41971
An Improper Link Resolution Before File Access ('Link Following') vulnerability in Zscaler Client Connector on Windows allows a system file to be overwritten. This issue affects Client Connector on Windows: before 3.7...
SUSE CVE-2023-52643
In the Linux kernel, the following vulnerability has been resolved: iio: core: fix memleak in iio_device_register_sysfs. When iio_device_register_sysfs_group fails, we should free iio_dev_opaque->chan_attr_group.attrs to prevent potential memleak...
CVE-2024-3098
A vulnerability was identified in the exec_utils class of the llama_index package, specifically within the safe_eval function, allowing for prompt injection leading to arbitrary code execution. This issue arises due to insufficient validation of input, which can be exploited to bypass method...
CVE-2024-3098 Prompt Injection leading to Arbitrary Code Execution in run-llama/llama_index
A vulnerability was identified in the exec_utils class of the llama_index package, specifically within the safe_eval function, allowing for prompt injection leading to arbitrary code execution. This issue arises due to insufficient validation of input, which can be exploited to bypass method...
CVE-2024-21434
Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability...
CVE-2024-21434 Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability
...
Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability
...
Microsoft Windows SCSI Class System File Security Vulnerability
Microsoft Windows SCSI Class System File is one of the system files used to manage SCSI devices from Microsoft USA. A security vulnerability exists in the Microsoft Windows SCSI Class System File. An attacker could exploit the vulnerability to elevate privileges. The following products and editio...
CVE-2024-1703
A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been classified as problematic. This affects the function openfile of the file /adminapi/system/file/openfile. The manipulation leads to absolute path traversal. The exploit has been disclosed to the public and may be used. The...
CRMEB Security Vulnerabilities
Zhongbang CRMEB is an open source e-commerce management system from Zhongbang in Xi'an, China. A security vulnerability exists in CRMEB version 5.2.2. The vulnerability stems from a path traversal flaw in the function openfile of the file /adminapi/system/file/openfile...