CVE-2023-1450 MP4v2 mp4trackdump.cpp DumpTrack denial of service

A vulnerability was found in MP4v2 2.1.2 and classified as problematic. This issue affects the function DumpTrack of the file mp4trackdump.cpp. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The...

CVE-2023-1448 GPAC mpegts.c gf_m2ts_process_sdt heap-based overflow

A vulnerability, which was classified as problematic, was found in GPAC 2.3-DEV-rev35-gbbca86917-master. This affects the function gfm2tsprocesssdt of the file mediatools/mpegts.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been...

CVE-2023-1446 Watchdog Anti-Virus IoControlCode wsdk-driver.sys 0x80002008 denial of service

A vulnerability classified as problematic was found in Watchdog Anti-Virus 1.4.214.0. Affected by this vulnerability is the function 0x80002004/0x80002008 in the library wsdk-driver.sys of the component IoControlCode Handler. The manipulation leads to denial of service. An attack has to be...

CVE-2022-34417

CVE-2022-34417 affects Dell PowerEdge BIOS and Dell Precision BIOS due to an improper SMM communication buffer verification. A local attacker with high privileges may exploit this to achieve arbitrary code execution or cause denial of service. The connected documents confirm affected components a...

CVE-2022-34412

Summary (CVE-2022-34412): Dell PowerEdge BIOS and Dell Precision BIOS contain an improper SMM (System Management Mode) communication buffer verification vulnerability. A local attacker with high privileges may exploit this flaw to achieve arbitrary code execution or cause a denial of service. The...

Authentication flaw

A vulnerability was found in TG Soft Vir.IT eXplorer 9.4.86.0. It has been rated as problematic. This issue affects the function 0x82730088 in the library VIRAGTLT.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack needs to be approached locally. T...

CVE-2022-47460

In gpu device, there is a memory corruption due to a use after free. This could lead to local denial of service in kernel...

CVE-2023-24465

Communication Wi-Fi subsystem within OpenHarmony-v3.1.4 and prior versions, OpenHarmony-v3.0.7 and prior versions has a null pointer reference vulnerability which local attackers can exploit this vulnerability to cause the current application to crash...

PT-2023-16856 · Unknown · Kylin-System-Updater

Name of the Vulnerable Software and Affected Versions: kylin-system-updater versions up to 1.4.20kord Description: A critical issue was found in the kylin-system-updater, affecting the InstallSnap function of the Update Handler component. This issue leads to command injection and requires a local...

Privilege escalation

In ion, there is a possible escalation of privilege due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559778; Issue ID: ALPS07559778...

CVE-2023-1187

A vulnerability was found in FabulaTech Webcam for Remote Desktop 2.8.42 and classified as problematic. This issue affects some unknown processing in the library ftwebcam.sys of the component Global Variable Handler. The manipulation leads to denial of service. It is possible to launch the attack...

CVE-2023-1189 WiseCleaner Wise Folder Hider IoControlCode WiseFs64.sys 0x222410 denial of service

A vulnerability was found in WiseCleaner Wise Folder Hider 4.4.3.202. It has been declared as problematic. Affected by this vulnerability is the function 0x222400/0x222404/0x222410 in the library WiseFs64.sys of the component IoControlCode Handler. The manipulation leads to denial of service. An...

CVE-2023-1189

CVE-2023-1189 affects WiseCleaner Wise Folder Hider (v4.4.3.202) — the vulnerability lies in the WiseFs64.sys IoControlCode Handler, specifically within functions 0x222400/0x222404/0x222410. The manipulation leads to a denial of service and requires a local attack vector. A PoC/exploit has been p...

PT-2023-10632 · Unknown · Vocable Trainer

Name of the Vulnerable Software and Affected Versions: hgzojer Vocable Trainer versions up to 1.3.0 Description: A critical vulnerability was found in the hgzojer Vocable Trainer, affecting unknown code of the file VocableTrainerProvider.java. The manipulation leads to path traversal, and attacki...

PT-2023-16792 · Unknown · Kylin-Activation

Name of the Vulnerable Software and Affected Versions: kylin-activation versions prior to 1.3.11-23 and 1.30.10-5.p23 Description: A critical issue was found in the File Import component of kylin-activation, leading to improper authorization. The attack must be approached locally. The exploit has...

PUB-A-242203672

In ffamrdprot of sharedmem.c, there is a possible ID due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-239630493

In fdtnexttag of fdt.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-25540

Dell PowerScale OneFS 9.4.0.x contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability to overwrite arbitrary files causing denial of service...

CVE-2023-20940

In the Android operating system, there is a possible way to replace a boot partition due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

PT-2023-16716 · Techpowerup · Techpowerup Realtemp

Name of the Vulnerable Software and Affected Versions: TechPowerUp RealTemp version 3.7.0.0 Description: A critical vulnerability was found in the library WinRing0x64.sys, leading to improper initialization. The attack must be approached locally. The exploit has been disclosed to the public and m...