4316 matches found
PT-2024-18719 · Unknown · Libpadm.So
Name of the Vulnerable Software and Affected Versions: libpadm.so versions prior to SMR Feb-2024 Release 1 Description: The issue is an out-of-bounds write in the padmd vld htbl of libpadm.so, allowing a local attacker to execute arbitrary code. Recommendations: For versions prior to SMR Feb-2024...
USN-6620-1 glibc vulnerabilities
It was discovered that the GNU C Library incorrectly handled the syslog function call. A local attacker could use this issue to execute arbitrary code and possibly escalate privileges...
CVE-2023-51835
An issue in TRENDnet TEW-822DRE v.1.03B02 allows a local attacker to execute arbitrary code via the parameters ipv4ping in the /boafrm/formSystemCheck...
PT-2024-14308 · Trendnet · Trendnet Tew-822Dre
Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-822DRE version 1.03B02 Description: An issue allows a local attacker to execute arbitrary code via the ipv4 ping parameter in the "/boafrm/formSystemCheck" API endpoint. Recommendations: For TRENDnet TEW-822DRE version 1.03B02,...
SUSE CVE-2024-21803
Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM bluetooth modules allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This issue affects Linux kernel: fr...
CVE-2024-21803
NVD describes an after-free vulnerability found in the Linux kernel in the Linux x86 ARM Bluetooth module that allows local code execution. This vulnerability is associated with the program file, https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This issue affects...
AZL-34875 CVE-2024-21803 affecting package kernel for versions less than 6.6.35.1-4
Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM bluetooth modules allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This issue affects Linux kernel: fr...
DEBIAN-CVE-2024-21803
Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM bluetooth modules allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This issue affects Linux kernel: fr...
AZL-34203 CVE-2024-21803 affecting package kernel for versions less than 5.15.158.1-1
Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM bluetooth modules allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This issue affects Linux kernel: fr...
UBUNTU-CVE-2024-21803
Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM bluetooth modules allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This issue affects Linux kernel: fr...
PT-2024-6708 · Synology · Synology Drive Client
Name of the Vulnerable Software and Affected Versions: Synology Drive Client versions prior to 3.3.0-15082 Description: The issue is related to the inclusion of functionality from an untrusted control sphere in the OpenSSL DLL component. This allows local users to execute arbitrary code via...
PT-2024-19620 · Bosscms · Bosscms
Name of the Vulnerable Software and Affected Versions: BossCMS version 1.3.0 Description: The issue allows a local attacker to execute arbitrary code and escalate privileges. This is achieved via the init function in the admin.class.php component. Recommendations: For BossCMS version 1.3.0,...
CVE-2023-51833
A command injection issue in TRENDnet TEW-411BRPplus v.2.07eu that allows a local attacker to execute arbitrary code via the data1 parameter in the debug.cgi page...
CVE-2024-0645
Buffer overflow vulnerability in Explorer++ affecting version 1.3.5.531. A local attacker could execute arbitrary code via a long filename argument by monitoring Structured Exception Handler SEH records...
PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions
The point-of-sale PoS terminals from PAX Technology are impacted by a collection of high-severity vulnerabilities that can be weaponized by threat actors to execute arbitrary code. The STM Cyber R&D team, which reverse engineered the Android-based devices manufactured by the Chinese firm owing to...
CVE-2024-22428
Dell iDRAC Service Module, versions 5.2.0.0 and prior, contain an Incorrect Default Permissions vulnerability. It may allow a local unprivileged user to escalate privileges and execute arbitrary code on the affected system. Dell recommends customers upgrade at the earliest opportunity...
SUSE CVE-2023-51257
An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code...
AZL-34807 CVE-2023-51257 affecting package jasper for versions less than 4.2.1-1
An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code...
CVE-2023-7206
In Horner Automation Cscape versions 9.90 SP10 and prior, local attackers are able to exploit this vulnerability if a user opens a malicious CSP file, which would result in execution of arbitrary code on affected installations of Cscape...
CVE-2023-42134
PAX Android based POS devices with PayDroid8.1.0SagittariusV11.1.4520230314 or earlier can allow the signed partition overwrite and subsequently local code execution via hidden command. The attacker must have physical USB access to the device in order to exploit this vulnerability...