4323 matches found
CVE-2024-30961
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the error-thrown mechanism in nav2btnavigator...
CVE-2024-30962
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the nav2amcl process...
CVE-2024-30964
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the initialposesub thread created by nav2btnavigator...
CVE-2024-37862
CVE-2024-37862 describes a Buffer Overflow in ROS 2 navigation2 (navigation2-humble) affecting the nav2_planner component. A local attacker can execute arbitrary code by providing a crafted .yaml file to the nav2_planner process. Documented impact includes potential full system compromise; CVSS v...
CVE-2024-37860
The CVE-2024-37860 entry concerns a buffer overflow in ROS 2 navigation2 (navigation2-humble) affecting the nav2_amcl process. Affected component is navigation2/nav2_amcl; the root cause is a crafted YAML file that can overflow a buffer, enabling a local attacker to execute arbitrary code . The p...
PT-2024-23693 · Open Robotics · Ros2 +1
Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble Description: A Buffer Overflow issue allows a local attacker to execute arbitrary code via a crafted script. This issue exists in the navigation2...
CVE-2024-30962
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the nav2amcl process...
Cisco Small Business SPA300 and SPA500 Series IP Phones Local Code Execution (CVE-2014-3312)
The debug console interface on Cisco Small Business SPA300 and SPA500 phones does not properly perform authentication, which allows local users to execute arbitrary debug-shell commands, or read or modify data in memory or a filesystem, via direct access to this interface, aka Bug ID CSCun77435...
CVE-2024-49410
Out-of-bounds write in libswmfextractor.so prior to SMR Dec-2024 Release 1 allows local attackers to execute arbitrary code...
SAMSUNG mobile 安全漏洞
SAMSUNG mobile is a cell phone from Samsung South Korea. A security vulnerability exists in SAMSUNG mobile before SMR-Dec-2024 Release 1, which originates from an out-of-bounds write issue that could allow a local attacker to execute arbitrary code...
PT-2024-33522 · Unknown · Libswmfextractor.So
Name of the Vulnerable Software and Affected Versions: libswmfextractor.so versions prior to SMR Dec-2024 Release 1 Description: The issue is an out-of-bounds write in libswmfextractor.so, allowing local attackers to execute arbitrary code. This enables attackers to potentially gain control over...
CVE-2024-29404
An issue in Razer Synapse 3 v.3.9.131.20813 and Synapse 3 App v.20240213 allows a local attacker to execute arbitrary code via the export parameter of the Chroma Effects function in the Profiles component...
Astra Linux – Vulnerability in ffmpeg
The Ffmpeg v.N113007-g8d24a28d06 contains a buffer overflow vulnerability that allows a local attacker to execute arbitrary code through libavfilter/afstereowiden.c:120:69...
CVE-2024-11495
Buffer overflow vulnerability in OllyDbg, version 1.10, which could allow a local attacker to execute arbitrary code due to lack of proper bounds checking...
needrestart 权限许可和访问控制问题漏洞
needrestart is a tool by liske personal developer for checking which daemons need to be restarted after an upgrade. A security vulnerability exists in versions prior to needrestart 3.8, which stems from a vulnerability that allows a local attacker to run the Python interpreter by tricking...
PT-2024-34415 · Micro Star International · Msi Center Pro
Name of the Vulnerable Software and Affected Versions: Micro-star International MSI Center Pro version 2.1.37.0 Description: The issue allows a local attacker to execute arbitrary code via the Device DeviceID.dat.bak file within the C:ProgramDataMSIOne Dragon CenterData folder. This is due to an...
UBUNTU-CVE-2024-50986
An issue in Clementine v.1.3.1 allows a local attacker to execute arbitrary code via a crafted DLL file...
PT-2024-34600 · Ultimaker · Ultimaker Cura
Name of the Vulnerable Software and Affected Versions: UltiMaker Cura versions 4.41 and 5.8.1 and earlier Description: The issue allows a local attacker to execute arbitrary code via the Inter-process communication IPC mechanism between the Cura application and CuraEngine processes, localhost...
PT-2024-11915 · Undefined · Undefined
CVE-2024-50986 CVE-20224-50986 DLL Hijacking Exploit for Clementine Description: An issue in Clementine v.1.3.1 allows a local attacker to execute arbitrary code via a crafted DLL file. Version Affected: Clementi... https://t.co/QByf3fJ8GI...
CVE-2024-50322
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local unauthenticated attacker to achieve code execution. User interaction is required...