FreeImage Security Vulnerability
FreeImage is a cross-platform open source library for supporting popular graphic image formats. A security vulnerability exists in FreeImage version v.3.19.0, which stems from the presence of a buffer overflow vulnerability. A local attacker can exploit this vulnerability to execute arbitrary cod...
FreeImage Security Vulnerability
FreeImage is a cross-platform open source library for supporting popular graphic image formats. A security vulnerability exists in FreeImage version v.3.19.0, which stems from a buffer overflow vulnerability. A local attacker can exploit this vulnerability to execute arbitrary code via the Load...
PT-2024-22484 · Freeimage +1 · Freeimage +1
Name of the Vulnerable Software and Affected Versions: FreeImage version 3.19.0 Description: The issue allows a local attacker to execute arbitrary code via the ReadData function when reading images in RAS format. Recommendations: For FreeImage version 3.19.0, consider disabling the ReadData...
PT-2024-22487 · Freeimage +1 · Freeimage +1
Name of the Vulnerable Software and Affected Versions: FreeImage version 3.19.0 Description: The issue allows a local attacker to execute arbitrary code via the readLine function when reading images in XPM format. Recommendations: For FreeImage version 3.19.0, consider disabling the readLine...
PT-2024-22485 · Freeimage +1 · Freeimage +1
Name of the Vulnerable Software and Affected Versions: FreeImage version 3.19.0 Description: The issue allows a local attacker to execute arbitrary code via the assignPixel function when reading images in TARGA format. This is a Buffer Overflow vulnerability. Recommendations: For FreeImage versio...
PT-2024-22481 · Freeimage +1 · Freeimage +1
Name of the Vulnerable Software and Affected Versions: FreeImage version 3.19.0 r1909 Description: A Buffer Overflow issue in the FreeImage library allows a local attacker to execute arbitrary code via the Load function when reading images in RAS format. Recommendations: For FreeImage version...
Vulnerabilities fixed in Cisco IOS XR
Cisco has fixed vulnerabilities in IOS XR. A malicious person could exploit the vulnerabilities to bypass a security measure, cause a denial of service, or execute arbitrary code on the vulnerable system. To successfully execute arbitrary code, the malicious party mus...
CVE-2023-49453
Reflected cross-site scripting (XSS) vulnerability in Racktables v0.22.0 and before allows local attackers to execute arbitrary code and obtain sensitive information via the search component in index.php...
SUSE CVE-2024-25817
Buffer Overflow vulnerability in eza before version 0.18.2, allows local attackers to execute arbitrary code via the .git/HEAD, .git/refs, and .git/objects components...
CVE-2024-25817
Buffer Overflow vulnerability in eza before version 0.18.2, allows local attackers to execute arbitrary code via the .git/HEAD, .git/refs, and .git/objects components...
CVE-2024-0155
Dell Digital Delivery, versions prior to 5.2.0.0, contain a Use After Free Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to application crash or execution of arbitrary code...
CVE-2023-46708
in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after free...
CVE-2023-51835
An issue in TRENDnet TEW-822DRE v.1.03B02 allows a local attacker to execute arbitrary code via the parameters ipv4ping in the /boafrm/formSystemCheck...
TRENDnet TEW-822DRE Security Vulnerability
The TRENDnet TEW-822DRE is a dual-band wireless router from TRENDnet. A security vulnerability exists in the TRENDnet TEW-822DRE version v.1.03B02, which originates from a vulnerability that allows a local attacker to execute arbitrary code via the parameter ipv4ping in /boafrm/formSystemCheck...
PT-2024-38410
Name of the Vulnerable Software and Affected Versions: oFono (affected versions not specified) Description: This issue allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit...
PT-2024-38412
Name of the Vulnerable Software and Affected Versions: oFono (affected versions not specified) Description: This issue allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit...
PT-2024-38411
Name of the Vulnerable Software and Affected Versions: oFono (affected versions not specified) Description: This issue allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit...
Thales SafeNet Authentication Client Security Vulnerability
Thales Group Thales SafeNet Authentication Client is an authentication client from Thales Group, France. A security vulnerability exists in Thales SafeNet Authentication Client versions prior to 10.8 R10 that originates from a vulnerability that allows an attacker to execute code at the system...
CVE-2023-49114
A DLL hijacking vulnerability was identified in the Qognify VMS Client Viewer version 7.1 or higher, which allows local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL, if some specific pre-conditions are met...
PT-2024-20907 · Thesycon · Tusbaudio
Name of the Vulnerable Software and Affected Versions: Thesycon Software Solutions GmbH & Co. KG TUSBAudio versions prior to 5.68.0 Description: An issue in TUSBAudio MSI-based installers allows a local attacker to execute arbitrary code via the msiexec.exe repair mode. This enables a local...