
4314 matches found

The Hacker News
added 2023/04/26 7:5 a.m. · 3 views

VMware Releases Critical Patches for Workstation and Fusion Software

VMware has released updates to resolve multiple security flaws impacting its Workstation and Fusion software, the most critical of which could allow a local attacker to achieve code execution. The vulnerability, tracked as CVE-2023-20869 (CVSS score: 9.3), is described as a stack-based...

9.8 CVSS · 7.3 AI score · 0.7165 EPSS
Exploits 0
OSV
added 2023/04/19 10:15 p.m. · 4 views

CVE-2021-33971

Qihoo 360 https://www.360.cn/ Qihoo 360 Safeguard https://www.360.cn/ Qihoo 360 Total Security http://www.360totalsecurity.com/ is affected by: Buffer Overflow. The impact is: execute arbitrary code local. The component is: This is a set of vulnerabilities affecting popular software, "360...

7.8 CVSS · 6.3 AI score · 0.00422 EPSS
Exploits 1 · References 3
OSV
added 2023/04/19 9:15 p.m. · 3 views

CVE-2021-33974

Qihoo 360 https://www.360.cn/ Qihoo 360 Safeguard https://www.360.cn/ Qihoo 360 Chrome https://browser.360.cn/ee/ is affected by: Buffer Overflow. The impact is: execute arbitrary code remote. The component is: This is a set of vulnerabilities affecting popular software, and the installation...

8.8 CVSS · 6.2 AI score · 0.01036 EPSS
Exploits 1 · References 2
OSV
added 2023/04/06 6:15 p.m. · 2 views

CVE-2023-20655

In mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203022; Issue ID: ALPS07203022...

7.8 CVSS · 7.5 AI score · 0.00086 EPSS
Exploits 0 · References 1
NVD
added 2023/04/06 6:15 p.m. · 15 views

CVE-2023-20655

In mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203022; Issue ID: ALPS07203022...

7.8 CVSS · 7.9 AI score · 0.00086 EPSS
Exploits 0 · References 1
Prion
added 2023/04/06 6:15 p.m. · 17 views

Privilege escalation

In mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203022; Issue ID: ALPS07203022...

4.3 CVSS · 7.8 AI score · 0.00086 EPSS
Exploits 0 · References 1 · Affected Software 1
Vulnrichment
added 2023/04/06 12:0 a.m. · 7 views

CVE-2023-20655

In mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203022; Issue ID: ALPS07203022...

8 AI score · 0.00086 EPSS
Exploits 0 · References 1
CVE
added 2023/04/06 12:0 a.m. · 126 views

CVE-2023-20655

CVE-2023-20655 stems from a parcel format mismatch in MediaTek’s mmsdk, enabling local privilege escalation and potential local code execution without extra privileges or user interaction. Severity is rated high (CVSSv3.1: 7.8; LOCAL attack, LOW complexity, HIGH impact on confidentiality, integri...

7.8 CVSS · 7.8 AI score · 0.00086 EPSS
Exploits 0 · References 1 · Affected Software 1
Positive Technologies
added 2023/04/06 12:0 a.m. · 6 views

PT-2023-17524 · Mmsdk · Mmsdk

Name of the Vulnerable Software and Affected Versions: mmsdk affected versions not specified Description: The issue is related to a parcel format mismatch in mmsdk, which could lead to a possible escalation of privilege. This might result in local code execution without requiring additional...

7.8 CVSS · 7.6 AI score · 0.00086 EPSS
Exploits 0 · References 2
Cvelist
added 2023/04/06 12:0 a.m. · 27 views

CVE-2023-20655

In mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203022; Issue ID: ALPS07203022...

8.1 AI score · 0.00086 EPSS
Exploits 0 · References 1
OSV
added 2023/04/04 3:15 p.m. · 4 views

CVE-2020-23327

Cross Site Scripting vulnerability found in ZblogCN ZblogPHP v.1.0 allows a local attacker to execute arbitrary code via a crafted payload in title parameter of the module management model...

6.1 CVSS · 6 AI score · 0.00425 EPSS
Exploits 1 · References 1
Vulnrichment
added 2023/03/28 12:0 a.m. · 9 views

CVE-2022-1230

This vulnerability allows local attackers to execute arbitrary code on affected installations of Samsung Galaxy S21 prior to 4.5.40.5 phones. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

3.9 CVSS · 4.3 AI score · 0.00356 EPSS
Exploits 0 · References 2
OSV
added 2023/03/24 8:15 p.m. · 5 views

CVE-2023-21020

In registerSignalHandlers of main.c, there is a possible local arbitrary code execution due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID...

6.7 CVSS · 7.1 AI score · 0.00097 EPSS
Exploits 0 · References 1
OSV
added 2023/03/20 9:15 a.m. · 3 views

CVE-2023-1250

Improper Input Validation vulnerability in OTRS AG OTRS ACL modules, OTRS AG OTRS Community Edition ACL modules allows Local Execution of Code. When creating/importing an ACL, it was possible to inject code that gets executed via manipulated comments and ACL-names. This issue affects OTRS: from 7.0...

7.8 CVSS · 5.8 AI score · 0.00295 EPSS
Exploits 0 · References 1
CVE
added 2023/03/20 8:20 a.m. · 73 views

CVE-2023-1250

OTRS/OTRS Community Edition vulnerable to improper input validation in ACL modules, enabling local code execution via manipulated comments and ACL-names. Affected: OTRS 7.0.x before 7.0.42, 8.0.x before 8.0.31; CE 6.0.1 through 6.0.34. Remediation: upgrade to 7.0.42+ (or later), 8.0.31+ (or later...

7.8 CVSS · 7.6 AI score · 0.00295 EPSS
Exploits 0 · References 1 · Affected Software 1
Prion
added 2023/03/16 12:15 p.m. · 20 views

Design/Logic Flaw

Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service...

4 CVSS · 6.9 AI score · 0.00208 EPSS
Exploits 0 · References 1 · Affected Software 79
CVE
added 2023/03/16 11:48 a.m. · 57 views

CVE-2022-34416

Dell PowerEdge BIOS and Dell Precision BIOS are affected by an Improper SMM communication buffer verification vulnerability. The root cause is improper verification in SMM communications, allowing a local high-privilege user to potentially execute arbitrary code or cause a denial of service. The ...

7.5 CVSS · 7 AI score · 0.00172 EPSS
Exploits 0 · References 1 · Affected Software 1
Positive Technologies
added 2023/03/16 12:0 a.m. · 5 views

PT-2023-13401 · Dell · Dell Precision Bios +1

Name of the Vulnerable Software and Affected Versions: Dell PowerEdge BIOS affected versions not specified Dell Precision BIOS affected versions not specified Description: The issue is related to an Improper SMM communication buffer verification vulnerability. A local malicious user with high...

7.5 CVSS · 6.9 AI score · 0.00172 EPSS
Exploits 0 · References 3
NCSC
added 2023/03/16 12:0 a.m. · 6 views

Vulnerability fixed in Adobe Creative Cloud Desktop Application

Adobe has fixed a vulnerability in Creative Cloud Desktop Application. A local malicious person could abuse the vulnerability to execute arbitrary code. The malicious party does not need prior authorizations on the application. Adobe has released updates to fix the vulnerability in Creative Cloud...

8.6 CVSS · 7.1 AI score · 0.00355 EPSS
Exploits 0
NCSC
added 2023/03/16 12:0 a.m. · 6 views

Vulnerabilities fixed in Adobe Dimension

Adobe has fixed vulnerabilities in Dimension. A local malicious person could exploit the vulnerabilities to execute arbitrary code with application privileges, or to gain access to sensitive data in the context of the application. Adobe has released updates to fix the vulnerabiliti...

7.8 CVSS · 7.3 AI score · 0.00437 EPSS
Exploits 0