95 matches found
CVE-2026-7997
Insufficient validation of untrusted input in Updater in Google Chrome on Mac prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: Low...
CVE-2025-7389
A vulnerability in the AdminServer component of OpenEdge on all supported platforms grants its authenticated users OS-level access to the server through the adopted authority of the AdminServer process itself. The delegated authority of the AdminServer could allow its users the ability to read...
EUVD-2020-17430
Malware in sbrugna...
EUVD-2019-5110
Malware in sbrugna...
CVE-2024-53919
Barco ClickShare CX-30/20, C-5/10, and ClickShare Bar Pro/Core models running firmware before 2.21.1 are affected by an injection vulnerability in the webUI that allows physically proximate attackers or local admins to trigger OS-level command execution as root. The issue affects the web interfac...
CVE-2024-50367
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G = 1.6.3, EKI-6333AC-2GD = v1.6.3 and EKI-6333AC-1GPO = v1.2.1. The source of the vulnerability relies on...
CVE-2024-50367
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G = 1.6.3, EKI-6333AC-2GD = v1.6.3 and EKI-6333AC-1GPO = v1.2.1. The source of the vulnerability relies on...
CVE-2024-50362
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G = 1.6.3, EKI-6333AC-2GD = v1.6.3 and EKI-6333AC-1GPO = v1.2.1. The source of the vulnerability relies on...
CVE-2024-50360
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G = 1.6.3, EKI-6333AC-2GD = v1.6.3 and EKI-6333AC-1GPO = v1.2.1. The source of the vulnerability relies on...
Security Bulletin: IBM Sterling Control Center is affected by multiple container-level vulnerabilities
Summary IBM Sterling Control Center container includes a vulnerable version of glibc at the OS level, affected by a denial of service Vulnerability Details CVEID:CVE-2024-33602 DESCRIPTION: glibc is vulnerable to a denial of service, caused by a memory corruption by the Name Service Cache Daemon'...
Google Chrome Input Validation Error Vulnerability (CNVD-2024-34504)
Google Chrome is a web browser of Google Google, U.S. V8 is one of the open source JavaScript engine. Google Chrome suffers from an input validation error vulnerability that can be exploited by an attacker to perform OS-level privilege escalation via a malicious file...
CVE-2024-3173
Insufficient data validation in Updater in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: High...
CVE-2024-3173
Insufficient data validation in Updater in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: High...
CVE-2024-3173
Insufficient data validation in Updater in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: High...
CVE-2024-3173
Insufficient data validation in Updater in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: High...
CVE-2024-39872
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected application does not properly assign rights to temporary files created during its update process. This could allow an authenticated attacker with the 'Manage firmware updates' role to escalate...
CVE-2024-39872
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected application does not properly assign rights to temporary files created during its update process. This could allow an authenticated attacker with the 'Manage firmware updates' role to escalate...
CVE-2024-39872
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected application does not properly assign rights to temporary files created during its update process. This could allow an authenticated attacker with the 'Manage firmware updates' role to escalate...
Fedora 39 : xrdp (2023-5134642a68)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-5134642a68 advisory. Release notes for xrdp v0.9.23 2023/08/31 General announcements - Running xrdp and xrdp-sesman on separate hosts is still supported by this release,...
Remote Code Execution (RCE)
Azure.Identity is vulnerable to Remote Code Execution. The vulnerability is due to improper property sanitization, which allows an attacker to pass a specially crafted OS-level command to a specific SDK property which can result in Remote Code Execution. The vulnerability exists in the...