CVE-2018-8726

K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code local. The component is: K7TSMngr.exe...

CVE-2018-8726

K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code local. The component is: K7TSMngr.exe...

CVE-2020-4739

IBM DB2 Accessories Suite for Linux, UNIX, and Windows, DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft...

CVE-2020-27192

BinaryNights ForkLift 3.4 was compiled with the com.apple.security.cs.disable-library-validation flag enabled which allowed a local attacker to inject code into ForkLift. This would allow the attacker to run malicious code with escalated privileges through ForkLift's helper tool...

CVE-2020-5992

NVIDIA GeForce NOW application software on Windows, all versions prior to 2.0.25.119, contains a vulnerability in its open-source software dependency in which the OpenSSL library is vulnerable to binary planting attacks by a local user, which may lead to code execution or escalation of privileges...

CVE-2020-25174

A DLL hijacking vulnerability in the B. Braun OnlineSuite Version AP 3.0 and earlier allows local attackers to execute code on the system as a high privileged user...

CVE-2020-28046

ProlinOS up to version 2.4.161.8859R is affected. A local attacker with normal user (MAINAPP) privileges can escalate to root by abusing a setuid xtables-multi binary and using the ip6tables --modprobe switch. The connected records confirm the root-cause is the setuid installation and ip6tables m...

CVE-2020-4723

IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force I...

CVE-2020-4722

IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force I...

CVE-2020-4724

IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system...

CVE-2020-4721

IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force I...

CVE-2020-11858

Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge containerized. The vulneravility affects: 1. Operation Bridge Manager versions: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10...

Vulnerability fixed in IBM Informix

IBM has fixed a vulnerability in Informix. A local malicious party could potentially exploit the vulnerability to execute arbitrary code under the privileges of the informix user. IBM has released updates to fix the vulnerability in Informix Dynamic Server. For more information, see:...

Vulnerability fixed in Cisco Webex Teams for Windows

Cisco has fixed a vulnerability in the Windows client of Cisco Webex Teams. The vulnerability allows a local, authenticated malicious person to execute arbitrary code execute under privileges of other local users. This requires a malicious DLL file must be placed in a specific location of the fil...

Debian DLA-2383-1 : nfdump security update

Two issues have been found in nfdump, a netflow capture daemon. Both issues are related to either a buffer overflow or an integer overflow, which could result in a denial of service or a local code execution. For Debian 9 stretch, these problems have been fixed in version 1.6.15-3+deb9u1. We...

Debian: Security Advisory (DLA-2383-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-7312

DLL Search Order Hijacking Vulnerability in the installer in McAfee Agent MA for Windows prior to 5.6.6 allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder...

PT-2020-18471 · Pivotal +1 · Rabbitmq

Name of the Vulnerable Software and Affected Versions: RabbitMQ versions 3.8.x prior to 3.8.7 Description: The issue allows for arbitrary code execution due to a Windows-specific binary planting security vulnerability. An attacker with write privileges to the RabbitMQ installation directory and...

CVE-2020-22721

A File Upload Vulnerability in PNotes - Andrey Gruber PNotes.NET v3.8.1.2 allows a local attacker to execute arbitrary code via the Miscellaneous " External Programs by uploading the malicious .exe file to the external program...

CVE-2020-8913

A local, arbitrary code execution vulnerability exists in the SplitCompat.install endpoint in Android's Play Core Library versions prior to 1.7.2. A malicious attacker could create an apk which targets a specific application, and if a victim were to install this apk, the attacker could perform a...