
350 matches found

RedHat Linux
added 2024/06/25 8:30 a.m., 5 views

git: symlink bypass

A vulnerability was found in Git. This flaw allows an unauthenticated attacker to place a repository on their target's local system that contains symlinks. During the cloning process, Git could be tricked into creating hardlinked arbitrary files into their repository's objects/ directory, impacti...

7.1 CVSS, 7.3 AI score, 0.00021 EPSS
Exploits 1, References 5

CNNVD
added 2024/06/11 12:0 a.m., 1 views

Microsoft Word Resource Management Error Vulnerability

Microsoft Office is an office software suite from the U.S. company Microsoft. The product's common components include Word, Excel, Access, PowerPoint, FrontPage, etc. A remote code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to...

7.3 CVSS, 8.4 AI score, 0.01827 EPSS
Exploits 0, References 4

NVD
added 2024/06/10 10:15 p.m., 16 views

CVE-2024-36359

A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order ...

5.4 CVSS, 0.00223 EPSS
Exploits 0, References 2

CVE
added 2024/06/10 9:21 p.m., 58 views

CVE-2024-36305

CVE-2024-36305 concerns a local privilege-escalation in Trend Micro Apex One (on-premise/Apex One as a service) via a security agent link following vulnerability. The issue enables a local attacker, who already has low-privilege code execution, to escalate privileges on affected installations. Th...

7.8 CVSS, 7.2 AI score, 0.00114 EPSS
Exploits 0, References 2, Affected Software 1

Cvelist
added 2024/05/04 3:31 a.m., 15 views

CVE-2024-3240 ConvertPlug <= 3.5.25 - Authenticated (Contributor+) PHP Object Injection

The ConvertPlug plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.5.25 via deserialization of untrusted input from the 'settingsencoded' attribute of the 'smileinfobar' shortcode. This makes it possible for authenticated attackers, with...

8.8 CVSS, 9.3 AI score, 0.00704 EPSS
Exploits 0, References 2

Cvelist
added 2024/05/03 2:15 a.m., 7 views

CVE-2023-51588 Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Local Privilege Escalation Vulnerability

Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower Pro. An attacker must first obtain the ability to execute...

7.8 CVSS, 8 AI score, 0.00056 EPSS
Exploits 0, References 1

Vulnrichment
added 2024/05/02 4:51 p.m., 17 views

CVE-2024-1897 Grid Gallery – Photo Image Grid Gallery <= 1.4.3 - Authenticated (Contributor+) PHP Object Injection via shortcode

The Grid Gallery – Photo Image Grid Gallery plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.3 via deserialization via shortcode of untrusted input from the awlggsettings meta value. This makes it possible for authenticated attackers, with...

7.5 CVSS, 6.1 AI score, 0.01157 EPSS
Exploits 0, References 3

Vulnrichment
added 2024/05/01 1:22 p.m., 11 views

CVE-2024-24912 Local privilege escalation in Harmony Endpoint Security Client for Windows via crafted DLL file

A local privilege escalation vulnerability has been identified in Harmony Endpoint Security Client for Windows versions E88.10 and below. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system...

7.6 AI score, 0.0006 EPSS
Exploits 0, References 1

CVE
added 2024/05/01 1:22 p.m., 75 views

CVE-2024-24912

The CVE-2024-24912 issue affects Harmony Endpoint Security Client for Windows versions E88.10 and earlier. A local privilege escalation arises from manipulating a COM object to load a specially crafted DLL, requiring the attacker to first obtain local privileged code execution. Impact is defined ...

6.7 CVSS, 7.2 AI score, 0.0006 EPSS
Exploits 0, References 1, Affected Software 1

WPVulnDB
added 2024/04/29 12:0 a.m., 12 views

Export and Import Users and Customers < 2.5.4 - Authenticated (Admin+) PHP Object Injection

Description: The Export and Import Users and Customers plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.5.3 via deserialization of untrusted input in the input.php file. This makes it possible for authenticated attackers, with administrator-level...

5.4 CVSS, 7.4 AI score, 0.00147 EPSS
Exploits 0, References 1, Affected Software 1

WPVulnDB
added 2024/04/04 12:0 a.m., 19 views

Filter Custom Fields & Taxonomies Light <= 1.05 - Authenticated (Contributor+) PHP Object Injection

Description: The Filter Custom Fields & Taxonomies Light plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.05 via deserialization of untrusted input. This makes it possible for authenticated attackers, with contributor-level access and above, to...

7.4 AI score, 0.00433 EPSS
Exploits 0, References 1

OSV
added 2024/03/06 11:2 a.m., 39 views

BIT-POSTGRESQL-2023-5869 Postgresql: buffer overrun from integer overflow in array modification

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing...

8.8 CVSS, 8.8 AI score, 0.01608 EPSS
Exploits 0, References 36

WPVulnDB
added 2024/02/12 12:0 a.m., 20 views

Brooklyn <= 4.9.7.6 - PHP Object Injection

Description: The brooklyn theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.9.7.6 via deserialization of untrusted input from an unknown parameter. This makes it possible for authenticated attackers, with subscriber access and above, to inject a PHP...

8.8 CVSS, 7.4 AI score, 0.42104 EPSS
Exploits 0, References 1

WPVulnDB
added 2024/02/07 12:0 a.m., 16 views

WP-Mobile-BankID-Integration < 1.0.1 - PHP Object Injection

Description: The WP-Mobile-BankID-Integration plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and excluding, 1.0.1 via deserialization of untrusted input through the getAuthResponseFromDB function. This makes it possible for attackers to inject a PHP Object. No known...

9.8 CVSS, 7.5 AI score, 0.00632 EPSS
Exploits 0, References 1, Affected Software 1

Tenable Nessus
added 2024/01/26 12:0 a.m., 20 views

RHEL 8 : postgresql:10 (RHSA-2023:7786)

The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:7786 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: Buffer overrun from integer overflow in arra...

8.8 CVSS, 7.6 AI score, 0.01608 EPSS
Exploits 0, References 4

WPVulnDB
added 2024/01/24 12:0 a.m., 42 views

Better Search Replace < 1.4.5 - Unauthenticated PHP Object Injection

Description: The plugin is vulnerable to PHP Object Injection via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed...

7.5 CVSS, 7.1 AI score, 0.9303 EPSS
Exploits 2, References 1, Affected Software 1

CNVD
added 2024/01/23 12:0 a.m., 4 views

Apple WebKit Code Execution Vulnerability

Apple WebKit is an open source browser engine developed by Apple. An attacker can exploit the Apple WebKit code execution vulnerability by constructing a malicious page and luring a victim into visiting it, which leads to code execution on the target system...

8.8 CVSS, 7.3 AI score, 0.00618 EPSS
Exploits 6

Zero Day Initiative
added 2023/12/19 12:0 a.m., 30 views

X.Org Server Damage Object Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Damage...

7.4 CVSS, 7.5 AI score, 0.00035 EPSS
Exploits 0, References 1

CNVD
added 2023/12/18 12:0 a.m., 13 views

Dell Virtual Appliance Manager Arbitrary File Read Vulnerability

Dell Virtual Appliance Manager is a virtual appliance manager from Dell USA. An arbitrary file read vulnerability exists in Dell Virtual Appliance Manager, which can be exploited by an attacker to read arbitrary files from the target system...

7.5 CVSS, 6.8 AI score, 0.00268 EPSS
Exploits 0, References 1

CNVD
added 2023/12/18 12:0 a.m., 16 views

Dell Virtual Appliance Manager Arbitrary File Read Vulnerability (CNVD-2024-0018759)

Dell Virtual Appliance Manager is a virtual appliance manager from Dell USA. An arbitrary file read vulnerability exists in Dell Virtual Appliance Manager, which can be exploited by an attacker to read arbitrary files from the target system...

4.9 CVSS, 6.8 AI score, 0.00154 EPSS
Exploits 0, References 1