5 matches found
EUVD-2024-15817
Malicious code in bioql PyPI...
CVE-2024-0014
In startInstall of UpdateFetcher.java, there is a possible way to trigger a malicious config update due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Privilege escalation
In startInstall of UpdateFetcher.java, there is a possible way to trigger a malicious config update due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-0014
CVE-2024-0014: The UpdateFetcher.java startInstall path contains a logic error that could allow a malicious config update, enabling local privilege escalation with no extra privileges and no user interaction required. This vulnerability is described across multiple sources (NVD/Red Hat/UVD enrich...
CVE-2024-0014
In startInstall of UpdateFetcher.java, there is a possible way to trigger a malicious config update due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...