SUSE CVE-2018-17358

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. An invalid memory access exists in bfdstabsectionfindnearestline in syms.c. Attackers could leverage this vulnerability to cause a denial of service application crash via a crafted E...

SUSE CVE-2018-18310

An invalid memory address dereference was discovered in dwflsegmentreportmodule.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by considernotes...

SUSE CVE-2019-10167

The virConnectGetDomainCapabilities libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients...

SUSE CVE-2019-13702

Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable...

SUSE CVE-2019-17450

findabstractinstance in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service infinite recursion and application crash via a crafted ELF file...

CVE-2020-24307

An issue in mRemoteNG v1.76.20 allows attackers to escalate privileges via a crafted executable file. NOTE: third parties were unable to reproduce any scenario in which the claimed access of BUILTIN\Users:M is present...

PT-2023-11671 · Mremoteng · Mremoteng

Name of the Vulnerable Software and Affected Versions: mRemoteNG version 1.76.20 Description: An issue in the software allows attackers to escalate privileges via a crafted executable file. There were attempts by third parties to reproduce a scenario where the claimed access of BUILTINUsers:M is...

CVE-2022-38932

readelf in ToaruOS 2.0.1 has a global overflow allowing RCE when parsing a crafted ELF file...

PT-2022-24621 · Toaruos · Toaruos

Name of the Vulnerable Software and Affected Versions: ToaruOS version 2.0.1 Description: The issue allows for remote code execution when a crafted ELF file is parsed, due to a global overflow in the readelf component. Recommendations: For ToaruOS version 2.0.1, consider avoiding the use of reade...

CVE-2022-38532

Micro-Star International Co., Ltd MSI Center 1.0.50.0 was discovered to contain a vulnerability in the component CFeatures of MSI.CentralServer.exe. This vulnerability allows attackers to escalate privileges via running a crafted executable...

CVE-2022-38532

Micro-Star International Co., Ltd MSI Center 1.0.50.0 was discovered to contain a vulnerability in the component CFeatures of MSI.CentralServer.exe. This vulnerability allows attackers to escalate privileges via running a crafted executable...

CVE-2022-38532

Micro-Star International Co., Ltd MSI Center 1.0.50.0 was discovered to contain a vulnerability in the component CFeatures of MSI.CentralServer.exe. This vulnerability allows attackers to escalate privileges via running a crafted executable...

PT-2022-24440 · Msi · Msi Center

Name of the Vulnerable Software and Affected Versions: MSI Center version 1.0.50.0 Description: The issue allows attackers to escalate privileges via running a crafted executable, exploiting a vulnerability in the component C Features of MSI.CentralServer.exe. Recommendations: For version 1.0.50....

CVE-2022-36670

PCProtect Endpoint prior to v5.17.470 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable...

CVE-2022-37771

IObit Malware Fighter v9.2 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable...

CVE-2022-36670

PCProtect Endpoint prior to v5.17.470 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable...

CVE-2022-37771

CVE-2022-37771 affects IObit Malware Fighter v9.2 on Windows, where lack of tamper protection lets an authenticated Administrator modify application processes and escalate to SYSTEM via a crafted executable. The issue is described as a local vulnerability with high impact on confidentiality, inte...

Symantec PCProtect Endpoint 安全漏洞

Symantec PCProtect Endpoint is an antivirus program from Symantec USA. A security vulnerability exists in Symantec PCProtect Endpoint prior to v5.17.470, which stems from a lack of tamper protection and allows an authenticated attacker with administrator privileges to modify processes in the...

PT-2022-24061 · Iobit · Iobit Malware Fighter

Name of the Vulnerable Software and Affected Versions: IObit Malware Fighter version 9.2 Description: The issue allows authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable, due to the lack of...

IObit Malware Fighter 安全漏洞

IOBit Malware Fighter is a suite of antivirus software for Windows-based platforms from IOBit. The program has anti-malware and virus protection features. A security vulnerability exists in IObit Malware Fighter v9.2, which is caused by allowing an authenticated attacker with administrator...