71 matches found
CVE-2025-5169
CVE-2025-5169 affects Open Asset Import Library (Assimp) version 5.4.3. The issue is in MDLImporter::InternReadFile_3DGS_MDL345 inside MDLLoader.cpp and causes an out-of-bounds read. Local access is required. The description notes that the exploit has been disclosed publicly and may be used. Ther...
CVE-2023-24523
An attacker authenticated as a non-admin user with local access to a server port assigned to the SAP Host Agent Start Service - versions 7.21, 7.22, can submit a crafted ConfigureOutsideDiscovery request with an operating system command which will be executed with administrator privileges. The OS...
CVE-2020-9258
HUAWEI P30 smartphone with versions earlier than 10.1.0.135C00E135R2P11 have an improper input verification vulnerability. An attribution in a module is not set correctly and some verification is lacked. Attackers with local access can exploit this vulnerability by injecting malicious fragment...
CVE-2025-5001
CVE-2025-5001 affects GNU PSPP (pspp-convert.c: calloc). Root cause: manipulation of the -l argument leads to an integer overflow in calloc. Impact: potential local impact, with availability degraded; confidentiality/integrity not affected per sources. Exploit has been disclosed publicly. Affecte...
CVE-2025-23254
NVIDIA TensorRT-LLM for any platform contains a vulnerability in python executor where an attacker may cause a data validation issue by local access to the TRTLLM server. A successful exploit of this vulnerability may lead to code execution, information disclosure and data tampering...
CVE-2025-29989
Dell Client Platform BIOS contains a Security Version Number Mutable to Older Versions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to BIOS upgrade denial...
CVE-2025-26330
Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability to access the cluster with previous privileges of a disabled user account...
CVE-2025-29989
Dell Client Platform BIOS contains a Security Version Number Mutable to Older Versions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to BIOS upgrade denial...
CVE-2025-3121
A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jitmodulefromflatbuffer. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used...
PT-2025-13774 · Pytorch +1 · Pytorch +1
Name of the Vulnerable Software and Affected Versions: PyTorch version 2.6.0 Description: A critical issue has been identified, affecting the torch.nn.utils.rnn.pad packed sequence function, which can lead to memory corruption. This issue requires local access to exploit. Recommendations: For...
CVE-2025-2914
CVE-2025-2914 affects HDF5 up to 1.14.6. The vulnerability is in H5FS__sinfo_Srialize_Sct_cb in src/H5FScache.c, where manipulating the sect argument can cause a heap-based buffer overflow. Local access is required, and an exploit has been disclosed. In some advisories, a patched package version ...
CVE-2024-49561
Dell SmartFabric OS10 Software, versions 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...
Linux Distros Unpatched Vulnerability : CVE-2024-1298
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access. A successful...
Linux Distros Unpatched Vulnerability : CVE-2021-4028
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a...
CVE-2025-21105
Dell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privileged malicious user with local access could potentially exploit this vulnerability by running the specific binary and perform any administrative action permitted by it resulting in shutting down t...
Zoom Workplace Desktop App < 6.2.10 DoS (ZSB-25005)
The version of Zoom Workplace Desktop App installed on the remote host is prior to 6.2.10. It is, therefore, affected by a vulnerability as referenced in the ZSB-25005 advisory. - Symlink following in the installer for Zoom Workplace app for macOS before 6.2.10 may allow an authenticated user to...
PT-2025-32537 · Unknown +1 · Nasm Netwide Assember +1
Name of the Vulnerable Software and Affected Versions: NASM Netwide Assember version 2.17rc0 Description: A heap-based buffer overflow exists in the macho no dead strip function within the outmacho.c file. Local access is required for exploitation. The exploit for this issue has been publicly...
Dell NativeEdge Elevation of Privilege Vulnerability
Dell NativeEdge is a software provided by Dell for managing and configuring network devices. A security vulnerability exists in Dell NativeEdge. An attacker could exploit the vulnerability to locally access the system with low privileges, resulting in elevated privileges...
AZL-42337 CVE-2024-1298 affecting package hvloader for versions less than 1.0.1-3
EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access. A successful exploit of this vulnerability may lead to a loss of Availability...
NVIDIA DGX Buffer Error Vulnerability
NVIDIA DGX is a high-performance workstation for deep learning applications from NVIDIA. A buffer error vulnerability exists in NVIDIA DGX A100 Servers, which originates from a heap-based buffer overflow that could be caused by a user via local access...