CVE-2021-29088

CVE-2021-29088 affects Synology DiskStation Manager (DSM) prior to 6.2.4-25553, in the CGI component, via a path traversal vulnerability that allows local users to execute arbitrary code via unspecified vectors. Impact is described as high (C/H/I/H/A/H) with local attack vector and no user intera...

Veyon 4.4.1 - 'VeyonService' Unquoted Service Path

Exploit Title: Veyon 4.4.1 - 'VeyonService' Unquoted Service Path Discovery by: Víctor García Discovery Date: 2020-03-23 Vendor Homepage: https://veyon.io/ Software Link: https://github.com/veyon/veyon/releases/download/v4.4.1/veyon-4.4.1.0-win64-setup.exe Tested Version: 4.4.1 Vulnerability Type...

CVE-2019-4588

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to execute arbitrary code and conduct DLL hijacking attacks...

Zephyr 缓冲区错误漏洞

Zephyr is a small real-time operating system for interconnected, resource-constrained embedded devices. A memory corruption vulnerability exists in Zephyr versions 1.14.2, 2.3.0. A local attacker can exploit this vulnerability by sending a malformed SPI response that corrupts kernel memory in the...

JetBrains IntelliJ IDEA Local Code Execution Vulnerability

Jetbrains JetBrains IntelliJ IDEA is a Czech JetBrains integrated development environment for the Java language . A local code execution vulnerability exists in JetBrains IntelliJ IDEA versions prior to 2020.3.3. The vulnerability stems from an insufficient check when the VCS fetches the project...

JetBrains PyCharm Local Code Execution Vulnerability

PyCharm is the Python integrated development environment from Czech software development company JetBrains. A local code execution vulnerability exists in PyCharm versions prior to 2020.3.4. The vulnerability stems from insufficient checks when the VCS fetches a project and can be exploited by an...

JetBrains WebStrom Local Code Execution Vulnerability

JetBrains WebStorm is a JavaScript integrated development environment from Czech software development company JetBrains. versions prior to JetBrains WebStorm 2021.1 have a local code execution vulnerability that could be exploited by an attacker to make WebStrom execute local code when pulling co...

CVE-2021-29263

In JetBrains IntelliJ IDEA 2020.3.3, local code execution was possible because of insufficient checks when getting the project from VCS...

CVE-2021-30005

In JetBrains PyCharm before 2020.3.4, local code execution was possible because of insufficient checks when getting the project from VCS...

Design/Logic Flaw

In JetBrains IntelliJ IDEA 2020.3.3, local code execution was possible because of insufficient checks when getting the project from VCS...

CVE-2021-29263

In JetBrains IntelliJ IDEA 2020.3.3, local code execution was possible because of insufficient checks when getting the project from VCS...

Jetbrains JetBrains PyCharm 数据伪造问题漏洞

PyCharm is the Python integrated development environment from Czech software development company JetBrains. A local code execution vulnerability exists in PyCharm versions prior to 2020.3.4. The vulnerability stems from insufficient checks when the VCS fetches a project and can be exploited by an...

Jetbrains JetBrains IntelliJ IDEA 安全漏洞

Jetbrains JetBrains IntelliJ IDEA is a Czech JetBrains integrated development environment for the Java language . A local code execution vulnerability exists in JetBrains IntelliJ IDEA versions prior to 2020.3.3. The vulnerability stems from an insufficient check when the VCS fetches the project...

JetBrains WebStorm 安全漏洞

JetBrains WebStorm is a JavaScript integrated development environment from Czech software development company JetBrains. versions prior to JetBrains WebStorm 2021.1 have a local code execution vulnerability that could be exploited by an attacker to make WebStrom execute local code when pulling co...

CVE-2021-20515

IBM Informix Dynamic Server 14.10 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local privileged user could overflow a buffer and execute arbitrary code on the system or cause a denial of service condition. IBM X-Force ID: 198366...

CVE-2021-26807

GalaxyClient version 2.0.28.9 loads unsigned DLLs such as zlib1.dll, libgccsdw2-1.dll and libwinpthread-1.dll from PATH, which allows an attacker to potentially run code locally through unsigned DLL loading...

Boost Connect community Galaxy Client 代码问题漏洞

Boost Connect community Galaxy Client is a Boost Connect community open source application. It provides a function to remove unused PC programs. A code issue vulnerability exists in Galaxy Client 2.0.28.9, which can be exploited by an attacker to potentially run code locally via an unsigned DLL...

IBM Spectrum Protect 缓冲区错误漏洞

IBM Spectrum Protect formerly known as Tivoli Storage Manager is a suite of data protection platforms from International Business Machines IBM. The platform provides organizations with a single point of control and management, and supports backup and recovery for virtual, physical and cloud...

CVE-2021-0252

NFX Series devices using Juniper Networks Junos OS are susceptible to a local code execution vulnerability thereby allowing an attacker to elevate their privileges via the Junos Device Management Daemon JDMD process. This issue affects Juniper Networks Junos OS on NFX Series: 18.1 version 18.1R1...

CVE-2021-0252

NFX Series devices using Juniper Networks Junos OS are susceptible to a local code execution vulnerability thereby allowing an attacker to elevate their privileges via the Junos Device Management Daemon JDMD process. This issue affects Juniper Networks Junos OS on NFX Series: 18.1 version 18.1R1...