CVE-2024-21923

The AMD StoreMi™ vulnerability (default privilege misconfiguration) can enable privilege escalation and potentially arbitrary code execution via a local, low-privileged, user-interaction-exploitable path. The issue affects AMD StoreMI technology, with the root cause described as incorrect/default...

CVE-2024-21922

CVE-2024-21922 describes a DLL hijacking vulnerability in AMD StoreMI that could lead to privilege escalation and arbitrary code execution. Affected product: AMD StoreMI; vulnerability class: DLL hijacking. CVSSv3.1 metrics indicate Local attack vector, Low access/privilege requirements, User int...

CVE-2024-21922

A DLL hijacking vulnerability in AMD StoreMI™ could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

CVE-2024-21922

A DLL hijacking vulnerability in AMD StoreMI™ could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

AMD StoreMI 安全漏洞

AMD StoreMI is an intelligent storage management technology developed by AMD that automatically optimizes data storage locations to improve system performance by combining the benefits of solid state drives SSDs and mechanical hard drives HDDs. AMD StoreMI suffers from a DLL hijacking vulnerabili...

AMD StoreMI 安全漏洞

AMD StoreMI is an intelligent storage management technology developed by AMD that automatically optimizes the location of data storage to improve system performance by combining the benefits of solid state drives SSDs and mechanical hard drives HDDs. AMD StoreMI suffers from a default privilege...

PT-2025-47849

Name of the Vulnerable Software and Affected Versions AMD StoreMI™ affected versions not specified Description A DLL hijacking issue exists in AMD StoreMI™. Successful exploitation could allow an attacker to gain higher privileges, potentially leading to arbitrary code execution. Recommendations ...

PT-2025-47830

Name of the Vulnerable Software and Affected Versions LIBPNG versions 1.6.0 through 1.6.50 Description LIBPNG is a library used by applications to read, create, and manipulate PNG image files. A heap buffer over-read issue exists in the png write image 8bit function when processing 8-bit images...

CVE-2025-63603

A command injection vulnerability exists in the MCP Data Science Server's reading-plus-ai/mcp-server-data-exploration 0.1.6 in the safeeval function src/mcpserverds/server.py:108. The function uses Python's exec to execute user-supplied scripts but fails to restrict the builtins dictionary in the...

CVE-2025-36072

IBM webMethods Integration 10.11 through 10.11CoreFix22, 10.15 through 10.15CoreFix22, and 11.1 through 11.1CoreFix6 IBM webMethods Integration allow an authenticated user to execute arbitrary code on the system, caused by the deserialization of untrusted object graphs data...

CVE-2025-65108

CVE-2025-65108 affects the md-to-pdf CLI (Markdown to PDF) where parsing front matter with a JavaScript delimiter can trigger the gray-matter JS engine to execute arbitrary code during the conversion process, enabling remote code execution. This vulnerability exists in versions prior to 5.2.5 and...

CVE-2025-40604

Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain persistent arbitrary code execution...

CVE-2025-64695

Uncontrolled search path element issue exists in the installer of LogStare Collector for Windows. If exploited, arbitrary code may be executed with the privilege of the user invoking the installer...

CVE-2025-64695

Uncontrolled search path element issue exists in the installer of LogStare Collector for Windows. If exploited, arbitrary code may be executed with the privilege of the user invoking the installer...

CVE-2025-64695

CVE-2025-64695 affects LogStare Collector (Windows installer) with an Uncontrolled search path element (CWE-427) that can allow arbitrary code execution with the invoking user’s privileges. The Red Hat/NVD/JVN entries confirm this as a local issue in the Windows installer; the risk is described a...

EUVD-2025-198417

Uncontrolled search path element issue exists in the installer of LogStare Collector for Windows. If exploited, arbitrary code may be executed with the privilege of the user invoking the installer...

CVE-2025-64695

Uncontrolled search path element issue exists in the installer of LogStare Collector for Windows. If exploited, arbitrary code may be executed with the privilege of the user invoking the installer...

CVE-2025-58097

The installation directory of LogStare Collector is configured with incorrect access permissions. A non-administrative user may manipulate files within the installation directory and execute arbitrary code with the administrative privilege...

EUVD-2025-198374

IBM webMethods Integration 10.11 through 10.11CoreFix22, 10.15 through 10.15CoreFix22, and 11.1 through 11.1CoreFix6 IBM webMethods Integration allow an authenticated user to execute arbitrary code on the system, caused by the deserialization of untrusted object graphs data...

LogStare Collector 代码问题漏洞

LogStare Collector is a data collector from LogStare Japan. A code issue vulnerability exists in LogStare Collector that stems from an improperly controlled installer path that could lead to the execution of arbitrary code...