57 matches found
CVE-2025-23295
NVIDIA Apex for all platforms contains a vulnerability in a Python component where an attacker could cause a code injection issue by providing a malicious file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data...
Linux Distros Unpatched Vulnerability : CVE-2025-23279
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA .run Installer for Linux and Solaris contains a vulnerability where an attacker could use a race condition to escalate privileges. A successful exploit o...
CVE-2025-7771 Code Execution / Escalation of Privileges in ThrottleStop
ThrottleStop.sys, a legitimate driver, exposes two IOCTL interfaces that allow arbitrary read and write access to physical memory via the MmMapIoSpace function. This insecure implementation can be exploited by a malicious user-mode application to patch the running Windows kernel and invoke...
CVE-2025-7771
CVE-2025-7771 affects ThrottleStop.sys (v3.0.0.0 and possibly others). The driver exposes two IOCTLs (read/write physical memory) that use MmMapIoSpace with no input validation, enabling a local attacker to map arbitrary physical memory, patch the Windows kernel, and invoke kernel functions with ...
PT-2025-30623 · Undefined · Undefined
🚨 Breaking: SUSE-2025-02476-1 patch drops for Multi-Linux Manager 4.3. 9 CVEs patched—including remote code execution CVE-2025-18432 and privilege escalation exploits. 🔧 Step-by-step guide + risk matrix: ⚠️ Patch within 72 hrs! Read more: 👉 https://t.co/evlHbRJ4Fr Linux https://t.co/3Fxej90SEg...
CVE-2025-49148
ClipShare is a lightweight and cross-platform tool for clipboard sharing. Prior to 3.8.5, ClipShare Server for Windows uses the default Windows DLL search order and loads system libraries like CRYPTBASE.dll and WindowsCodecs.dll from its own directory before the system path. A local, non-privileg...
CVE-2023-31462
An issue was discovered in SteelSeries GG 36.0.0. An attacker can change values in an unencrypted database that is writable for all users on the computer, in order to trigger code execution with higher privileges...
CVE-2022-31635
Potential time-of-check to time-of-use TOCTOU vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure...
KLA79208 Multiple vulnerabilities in Oracle Java
Multiple vulnerabilities were found in Oracle Java. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability can be exploited remotely to execut...
CVE-2025-22394
Dell Display Manager (Windows) is affected by a TOCTOU race condition in versions prior to 2.3.2.18. A low-privileged local attacker could potentially exploit this to achieve code execution and possible privilege escalation. The connected sources confirm the vulnerability of the Dell Display Mana...
CVE-2025-22394
Dell Display Manager, versions prior to 2.3.2.18, contain a Time-of-check Time-of-use TOCTOU Race Condition vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to code execution and possibly privilege escalation...
CVE-2024-5651
A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution RCE primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a...
KLA70405 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, perform cross-site scripting attack, bypass security restrictions, spoof user interface, gain privileges, obtain sensitive information...
Microsoft Windows Multiple Vulnerabilities (KB5035930)
This host is missing an important security update according to Microsoft KB5035930 SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
CVE-2022-31639
Potential time-of-check to time-of-use TOCTOU vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure...
CVE-2023-30382
A buffer overflow in the component hl.exe of Valve Half-Life up to 5433873 allows attackers to execute arbitrary code and escalate privileges by supplying crafted parameters...
CVE-2022-45494
CVE-2022-45494 describes a buffer overflow in the sheredom json.h project, specifically in the function used to parse objects (json_parse_object) prior to commit 0825301a07cbf51653882bf2b153cc81fdadf41 (Nov 14, 2022). The flaw can allow an attacker to execute arbitrary code and achieve escalated ...
Design/Logic Flaw
vSphereselfuse commit 2a9fe074a64f6a0dd8ac02f21e2f10d66cac5749 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...
Design/Logic Flaw
The cloudlabeling package in PyPI v0.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...
MGASA-2022-0052 Updated glibc packages fix security vulnerability
Updated glibc packages fix security vulnerability: An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd in a setuid program could use this flaw to...