CVE-2023-32153 D-Link DIR-2640 EmailFrom Command Injection Remote Code Execution Vulnerability

D-Link DIR-2640 EmailFrom Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this vulnerability, the existing...

CVE-2023-32142 D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The...

CVE-2023-27346 TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AX1800 routers. Authentication is not required to exploit this vulnerability. The...

CVE-2022-48685

An issue was discovered in Logpoint 7.1 before 7.1.2. The daily executed cron file cleansecbioldlogs is writable by all users and is executed as root, leading to privilege escalation...

Lexmark CX331adwe IPP Server Authorization HTTP Header Heap-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IPP server, which listens on TCP port 631 by default. The issue...

Wazuh Active Response Module Improper Input Validation Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Wazuh. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of IP address arguments. The issue results from the lack of proper validation of JSON...

CVE-2024-20356

CVE-2024-20356 affects Cisco’s Integrated Management Controller (IMC) web-based UI. Affected component: CIMC web interface; root cause: insufficient input validation enabling authenticated, Administrator-level attackers to perform command injection and elevate to root. Documented impact: remote c...

Cisco ASA and FTD Privilege Escalation Vulnerability

Cisco Adaptive Security Appliance ASA and Firepower Threat Defense FTD contain a privilege escalation vulnerability that can allow local privilege escalation from Administrator to root...

Cisco IMC Flaw Enables Attackers to Escalate Privileges to Root

...

CVE-2024-1180

CVE-2024-1180 refers to a command-injection vulnerability in TP-Link Omada ER605 where the root cause is improper validation of a user-supplied string in the name field of the access control UI. This flaw can allow network-adjacent attackers to execute arbitrary code with root privileges, and exp...

CVE-2024-27521

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain an unauthenticated remote command execution RCE vulnerability via multiple parameters in the "setOpModeCfg" function. This security issue allows an attacker to take complete control of the device. In detail, exploitation allows...

CVE-2024-27301

Support App is an opensource application specialized in managing Apple devices. It's possible to abuse a vulnerability inside the postinstall installer script to make the installer execute arbitrary code as root. The cause of the vulnerability is the fact that the shebang !/bin/zsh is being used...

CVE-2024-27301

CVE-2024-27301 affects Support App (Apple devices management). The root cause is in the postinstall installer script using shebang #!/bin/zsh, which prompts for root credentials but executes within the user’s HOME, loading $HOME/.zshenv; an attacker can inject code into that file to gain root pri...

CVE-2024-1725

A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane HCP. This issue could allow an authenticated attacker to gain access to the root HCP worker node's volume by creating a custom Persistent Volume that matches the name of a worker node...

CVE-2024-23320 Apache DolphinScheduler: Arbitrary js execution as root for authenticated users

Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server. This issue is a legacy of CVE-2023-49299. We didn't fix it completely in CVE-2023-49299, and we added one more patch to fix it. This...

Privilege escalation

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'...

CVE-2024-22235

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'...

Schneider Electric EcoStruxure IT Gateway Hard-Coded Credentials Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Schneider Electric EcoStruxure IT Gateway. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

CVE-2024-22426

Dell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains an OS Command injection vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to execute arbitrary operating system commands, which will get executed in the context of the root user,...

CVE-2022-23086

Handlers for CFGPAGE read / write ioctls in the mpr, mps, and mpt drivers allocated a buffer of a caller-specified size, but copied to it a fixed size header. Other heap content would be overwritten if the specified size was too small. Users with access to the mpr, mps or mpt device node may...