
5334 matches found

NVD
added 2024/01/19 8:15 p.m. · 14 views

CVE-2023-6044

A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local attacker with physical access to impersonate Lenovo Vantage Service and execute arbitrary code with elevated privileges...

CVSS 6.8 · AI score 6.7 · EPSS 0.00038
Exploits: 0 · References: 1

Prion
added 2024/01/19 8:15 p.m. · 12 views

Privilege escalation

A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local attacker to bypass integrity checks and execute arbitrary code with elevated privileges...

CVSS 4.3 · AI score 8.1 · EPSS 0.00006
Exploits: 0 · References: 1 · Affected Software: 1

Prion
added 2024/01/19 8:15 p.m. · 16 views

Privilege escalation

A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local attacker with physical access to impersonate Lenovo Vantage Service and execute arbitrary code with elevated privileges...

CVSS 4.6 · AI score 7.8 · EPSS 0.00038
Exploits: 0 · References: 1 · Affected Software: 1

Cvelist
added 2024/01/19 8:9 p.m. · 12 views

CVE-2023-6044

A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local attacker with physical access to impersonate Lenovo Vantage Service and execute arbitrary code with elevated privileges...

CVSS 6.3 · AI score 7.1 · EPSS 0.00038
Exploits: 0 · References: 1

NVD
added 2024/01/12 1:15 p.m. · 10 views

CVE-2023-51806

File Upload vulnerability in Ujcms v.8.0.2 allows a local attacker to execute arbitrary code via a crafted file...

CVSS 7.8 · AI score 5.8 · EPSS 0.00104
Exploits: 1 · References: 3

Prion
added 2024/01/09 2:15 a.m. · 9 views

Design/Logic Flaw

An issue found in NetScout nGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted file...

CVSS 7.5 · AI score 8.2 · EPSS 0.01179
Exploits: 1 · References: 3 · Affected Software: 1

CNNVD
added 2024/01/09 12:0 a.m. · 2 views

Totolink T6 security vulnerability

TOTOLINK T6 is a wireless dual-band router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in Totolink T6 version 4.1.9cu.5241B20210923, which originates from the component HTTP POST Request Handler in the file /cgi-bin/cstecgi.cgi that fails to correctly validate t...

CVSS 10 · AI score 8.1 · EPSS 0.00468
Exploits: 1 · References: 4

IBM Security Bulletins
added 2024/01/03 10:34 p.m. · 25 views

Security Bulletin: IBM Storage Fusion HCI could be vulnerable to code injection via use of quartz/quartz-jobs [CVE-2023-39017]

Summary: The Java library quartz/quartz-jobs is used by IBM Storage Fusion HCI for backup scheduling. A vulnerability in this library includes code injection that could lead to execution of arbitrary code as described in the CVE listed in the 'Vulnerabilities Details' section. This bulletin...

CVSS 9.8 · AI score 9.8 · EPSS 0.00643
Exploits: 1 · Affected Software: 1

OpenVAS
added 2024/01/03 12:0 a.m. · 33 views

Ubuntu: Security Advisory (USN-6563-1)

The remote host is missing an update for the...

CVSS 8.8 · AI score 8.9 · EPSS 0.10471
Exploits: 0 · References: 2

Tenable Nessus
added 2023/12/29 12:0 a.m. · 37 views

openSUSE 15 Security Update : zabbix (openSUSE-SU-2023:0419-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2023:0419-1 advisory. - An attacker who has the privilege to configure Zabbix items can use function icmpping with additional malicious command inside it to execute arbitrary...

CVSS 7.2 · AI score 7.4 · EPSS 0.00464
Exploits: 0 · References: 4

CNNVD
added 2023/12/29 12:0 a.m. · 3 views

Cloudflare Wrangler Security Breach

Cloudflare Wrangler is a repository from Cloudflare, Inc. A security vulnerability exists in Cloudflare Wrangler versions prior to 3.19.0 that stems from the presence of an arbitrary code execution vulnerability that allows an attacker on a local network to connect to the inspector and run...

CVSS 8.5 · AI score 7.5 · EPSS 0.00043
Exploits: 0 · References: 6

Positive Technologies
added 2023/12/22 12:0 a.m. · 1 view

PT-2023-28692 · Dell · Dell Client Bios

Name of the Vulnerable Software and Affected Versions: Dell Client BIOS (affected versions not specified). Description: Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability...

CVSS 7.2 · AI score 6.8 · EPSS 0.00051
Exploits: 0 · References: 6

IBM Security Bulletins
added 2023/12/20 8:7 p.m. · 49 views

Security Bulletin: IBM® Db2® is affected by multiple vulnerabilities in the consumed PCRE library.

Summary: IBM® Db2® is affected by multiple vulnerabilities in the consumed PCRE library. Vulnerability Details: CVEID: CVE-2015-8383. DESCRIPTION: PCRE is vulnerable to a heap-based buffer overflow, caused by the improper handling of certain repeated conditional groups. By using a specially crafted...

CVSS 9.8 · AI score 9.5 · EPSS 0.0752
Exploits: 3 · Affected Software: 1

Vulnrichment
added 2023/12/20 12:0 a.m. · 2 views

CVE-2023-49032

An issue in LTB Self Service Password before v.1.5.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via hijack of the SMS verification code function to arbitrary phone...

AI score 7.6 · EPSS 0.01906
Exploits: 1 · References: 2

Cvelist
added 2023/12/20 12:0 a.m. · 14 views

CVE-2023-50628

Buffer Overflow vulnerability in libming version 0.4.8, allows attackers to execute arbitrary code and obtain sensitive information via parser.c component...

AI score 9.9 · EPSS 0.0017
Exploits: 1 · References: 2

Vulnrichment
added 2023/12/19 12:25 a.m. · 14 views

CVE-2023-6315

Out-of-bounds read vulnerability in FPWin Pro version 7.7.0.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file...

CVSS 7.8 · AI score 7.7 · EPSS 0.00029
Exploits: 0 · References: 1

Cvelist
added 2023/12/15 12:0 a.m. · 12 views

CVE-2023-48050

SQL injection vulnerability in Cams Biometrics Zkteco, eSSL, Cams Biometrics Integration Module with HR Attendance aka odoo-biometric-attendance v. 13.0 through 16.0.1 allows a remote attacker to execute arbitrary code and to gain privileges via the db parameter in the controllers/controllers.py...

AI score 10 · EPSS 0.01938
Exploits: 0 · References: 1

CNVD
added 2023/12/15 12:0 a.m. · 5 views

Adobe Substance 3D Sampler out-of-bounds write vulnerability (CNVD-2023-9821564)

Adobe Substance 3D Sampler is a photogrammetry software from the American company Adobe. It is used to convert photo captures and scanned images into 3D textures and material assets. An out-of-bounds write vulnerability exists in Adobe Substance 3D Sampler 4.2.1 and earlier versions, whic...

CVSS 7.8 · AI score 7.6 · EPSS 0.00096
Exploits: 0 · References: 1

OpenVAS
added 2023/12/15 12:0 a.m. · 30 views

Ubuntu: Security Advisory (USN-6557-1)

The remote host is missing an update for the...

CVSS 7.8 · AI score 7 · EPSS 0.00484
Exploits: 8 · References: 2

Ubuntu
added 2023/12/14 5:31 p.m. · 220 views

USN-6557-1: Vim vulnerabilities

It was discovered that Vim could be made to dereference invalid memory. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-1725) It was discovered that Vim could be made to recurse...

CVSS 7.8 · AI score 7 · EPSS 0.00484
Exploits: 8