Siemens Engineering Platforms

SUMMARY Affected products contain a local arbitrary code execution vulnerability that could allow an attacker to perform actions against the operation system of that environment. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet...

PT-2024-17563 · Sourcecodester · Sourcecodester Phone Contact Manager System

Name of the Vulnerable Software and Affected Versions: SourceCodester Phone Contact Manager System version 1.0 Description: The issue is related to a buffer overflow in memory. It is possible to launch the attack on the local host. The manipulation of the UserInterface::MenuDisplayStart function ...

CVE-2024-30961

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the error-thrown mechanism in nav2btnavigator...

CVE-2024-37862

Buffer Overflow vulnerability in Open Robotic Robotic Operating System 2 ROS2 navigation2- ROS2-humble&& navigation2-humble allows a local attacker to execute arbitrary code via a crafted .yaml file to the nav2planner process...

CVE-2024-30964

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the initialposesub thread created by nav2btnavigator...

CVE-2024-30962

Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the nav2amcl process...

CVE-2024-37862

CVE-2024-37862 describes a Buffer Overflow in ROS 2 navigation2 (navigation2-humble) affecting the nav2_planner component. A local attacker can execute arbitrary code by providing a crafted .yaml file to the nav2_planner process. Documented impact includes potential full system compromise; CVSS v...

CVE-2024-37860

The CVE-2024-37860 entry concerns a buffer overflow in ROS 2 navigation2 (navigation2-humble) affecting the nav2_amcl process. Affected component is navigation2/nav2_amcl; the root cause is a crafted YAML file that can overflow a buffer, enabling a local attacker to execute arbitrary code . The p...

CVE-2024-30962

Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the nav2amcl process...

PT-2024-23693 · Open Robotics · Ros2 +1

Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble Description: A Buffer Overflow issue allows a local attacker to execute arbitrary code via a crafted script. This issue exists in the navigation2...

Cisco Small Business SPA300 and SPA500 Series IP Phones Local Code Execution (CVE-2014-3312)

The debug console interface on Cisco Small Business SPA300 and SPA500 phones does not properly perform authentication, which allows local users to execute arbitrary debug-shell commands, or read or modify data in memory or a filesystem, via direct access to this interface, aka Bug ID CSCun77435...

CVE-2024-49410

Out-of-bounds write in libswmfextractor.so prior to SMR Dec-2024 Release 1 allows local attackers to execute arbitrary code...

SAMSUNG mobile 安全漏洞

SAMSUNG mobile is a cell phone from Samsung South Korea. A security vulnerability exists in SAMSUNG mobile before SMR-Dec-2024 Release 1, which originates from an out-of-bounds write issue that could allow a local attacker to execute arbitrary code...

PT-2024-33522 · Unknown · Libswmfextractor.So

Name of the Vulnerable Software and Affected Versions: libswmfextractor.so versions prior to SMR Dec-2024 Release 1 Description: The issue is an out-of-bounds write in libswmfextractor.so, allowing local attackers to execute arbitrary code. This enables attackers to potentially gain control over...

CVE-2024-29404

An issue in Razer Synapse 3 v.3.9.131.20813 and Synapse 3 App v.20240213 allows a local attacker to execute arbitrary code via the export parameter of the Chroma Effects function in the Profiles component...

CVE-2024-11495

Buffer overflow vulnerability in OllyDbg, version 1.10, which could allow a local attacker to execute arbitrary code due to lack of proper bounds checking...

needrestart 权限许可和访问控制问题漏洞

needrestart is a tool by liske personal developer for checking which daemons need to be restarted after an upgrade. A security vulnerability exists in versions prior to needrestart 3.8, which stems from a vulnerability that allows a local attacker to run the Python interpreter by tricking...

PT-2024-34415 · Micro Star International · Msi Center Pro

Name of the Vulnerable Software and Affected Versions: Micro-star International MSI Center Pro version 2.1.37.0 Description: The issue allows a local attacker to execute arbitrary code via the Device DeviceID.dat.bak file within the C:ProgramDataMSIOne Dragon CenterData folder. This is due to an...

UBUNTU-CVE-2024-50986

An issue in Clementine v.1.3.1 allows a local attacker to execute arbitrary code via a crafted DLL file...

PT-2024-34600 · Ultimaker · Ultimaker Cura

Name of the Vulnerable Software and Affected Versions: UltiMaker Cura versions 4.41 and 5.8.1 and earlier Description: The issue allows a local attacker to execute arbitrary code via the Inter-process communication IPC mechanism between the Cura application and CuraEngine processes, localhost...