2913 matches found
kernel: hid: Use After Free in asus_remove()
A use-after-free flaw was found in asuskbdbacklightset in drivers/hid/hid-asus.c in the Linux Kernel. This issue could allow an attacker to crash the system when plugging in or disconnecting a malicious USB device, which may lead to a kernel information leak problem...
CVE-2024-21840
Incorrect Default Permissions vulnerability in Hitachi Storage Plug-in for VMware vCenter allows local users to read and write specific files. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.0.0 through 04.9.2...
CVE-2024-21840
Incorrect Default Permissions vulnerability in Hitachi Storage Plug-in for VMware vCenter allows local users to read and write specific files. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.0.0 through 04.9.2...
Design/Logic Flaw
Incorrect Default Permissions vulnerability in Hitachi Storage Plug-in for VMware vCenter allows local users to read and write specific files. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.0.0 through 04.9.2...
CVE-2024-21840 Directory and File Permission Vulnerability in Hitachi Storage Plug-in for VMware vCenter
Incorrect Default Permissions vulnerability in Hitachi Storage Plug-in for VMware vCenter allows local users to read and write specific files. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.0.0 through 04.9.2...
CVE-2024-21840 Directory and File Permission Vulnerability in Hitachi Storage Plug-in for VMware vCenter
Incorrect Default Permissions vulnerability in Hitachi Storage Plug-in for VMware vCenter allows local users to read and write specific files. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.0.0 through 04.9.2...
D-Link DAP-1650 Command Injection Vulnerability
The D-Link DAP-1650 is a WiFi range extender from China AUO D-Link. A security vulnerability exists in the D-Link DAP-1650 that originates from a command injection vulnerability when processing UPnP SUBSCRIBE messages...
kernel: hid: Use After Free in asus_remove()
A use-after-free flaw was found in asuskbdbacklightset in drivers/hid/hid-asus.c in the Linux Kernel. This issue could allow an attacker to crash the system when plugging in or disconnecting a malicious USB device, which may lead to a kernel information leak problem...
PT-2024-1619 · D Link · D-Link Dap-1650
Name of the Vulnerable Software and Affected Versions: D-Link DAP-1650 affected versions not specified Description: A command injection issue exists when handling UPnP SUBSCRIBE messages, allowing an unauthenticated attacker to gain command execution on the device as root. The vulnerability is...
CVE-2023-47201
A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...
CVE-2023-47201
A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...
CVE-2023-47200
A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...
Input validation
A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...
CVE-2023-47201
A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...
CVE-2023-47201
A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...
CVE-2023-47201
CVE-2023-47201 is described as a local privilege escalation in the Trend Micro Apex One security agent, caused by a plug-in manager origin validation issue. The vulnerability allows a local attacker to escalate privileges on affected installations, with the prerequisite that the attacker can exec...
Oracle TimesTen 22.x < 22.1.1.7.0 Multiple Vulnerabilities (July 2023 CPU)
The version of Oracle TimesTen installed on the remote host is 22.x prior to 22.1.1.7.0. It is, therefore, affected by multiple vulnerabilities as referenced in the July 2023 CPU advisory - Vulnerability in Oracle TimesTen In-Memory Database component: TimesTen IMDB Dell BSAFE Micro Edition Suite...
CVE-2023-51790
Cross Site Scripting vulnerability in piwigo v.14.0.0 allows a remote attacker to obtain sensitive information via the lang parameter in the Admin Tools plug-in component...
CVE-2023-51790
Cross Site Scripting vulnerability in piwigo v.14.0.0 allows a remote attacker to obtain sensitive information via the lang parameter in the Admin Tools plug-in component...
CVE-2023-51790
Cross Site Scripting vulnerability in piwigo v.14.0.0 allows a remote attacker to obtain sensitive information via the lang parameter in the Admin Tools plug-in component...