CVE-2022-24345

In JetBrains IntelliJ IDEA before 2021.2.4, local code execution without permission from a user upon opening a project was possible...

CVE-2022-29819

In JetBrains IntelliJ IDEA before 2022.1 local code execution via links in Quick Documentation was possible...

CVE-2022-29813

In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible...

CVE-2022-29815

In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible...

CVE-2022-29814

In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible...

CVE-2022-29821

In JetBrains Rider before 2022.1 local code execution via links in ReSharper Quick Documentation was possible...

CVE-2022-28630

A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality and integrity, and a partial...

CVE-2022-29971

An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Athena ODBC Driver 1.1.1 through 1.1.x before 1.1.17 may allow a local user to execute arbitrary code...

CVE-2021-25510

An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows local arbitrary code execution...

CVE-2021-42977

NoMachine Enterprise Desktop is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Desktop above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service memory corruption and OS crash via specially crafted I...

CVE-2021-26807

GalaxyClient version 2.0.28.9 loads unsigned DLLs such as zlib1.dll, libgccsdw2-1.dll and libwinpthread-1.dll from PATH, which allows an attacker to potentially run code locally through unsigned DLL loading...

CVE-2021-32579

Acronis True Image prior to 2021 Update 4 for Windows and Acronis True Image prior to 2021 Update 5 for macOS allowed an unauthenticated attacker who has a local code execution ability to tamper with the micro-service API...

CVE-2021-25758

In JetBrains IntelliJ IDEA before 2020.3, potentially insecure deserialization of the workspace model could lead to local code execution...

CVE-2021-4210

A potential vulnerability in the SMI callback function used in the NVME driver in some Lenovo Desktop, ThinkStation, and ThinkEdge models may allow an attacker with local access and elevated privileges to execute arbitrary code...

CVE-2021-43000

Amzetta zPortal Windows zClient is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amzetta zPortal Windows zClient = v3.2.8180.148 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service memory corruption and OS crash via specially crafted I/O Reques...

CVE-2021-42987

Eltima USB Network Gate is affected by Integer Overflow. IOCTL Handler 0x22001B in the USB Network Gate above 7.0.1370 below 9.2.2420 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service memory corruption and OS crash via specially crafted I/O Request Packet...

CVE-2021-29263

In JetBrains IntelliJ IDEA 2020.3.3, local code execution was possible because of insufficient checks when getting the project from VCS...

CVE-2020-11632

The Zscaler Client Connector prior to 2.1.2.150 did not quote the search path for services, which allows a local adversary to execute code with system privileges...

CVE-2020-23327

Cross Site Scripting vulnerability found in ZblogCN ZblogPHP v.1.0 allows a local attacker to execute arbitrary code via a crafted payload in title parameter of the module management model...

CVE-2020-9287

An Unsafe Search Path vulnerability in FortiClient EMS online installer 6.2.1 and below may allow a local attacker with control over the directory in which FortiClientEMSOnlineInstaller.exe resides to execute arbitrary code on the system via uploading malicious Filter Library DLL files in that...