Malwarebytes for Teams 安全漏洞

Malwarebytes for Teams is a multi-terminal protection suite from US-based Malwarebytes, Inc. A security vulnerability exists in Malwarebytes for Teams version 1.0.990 and earlier, which stems from a flaw in the COM interface that could lead to elevated privileges...

CVE-2021-43768

In Malwarebytes For Teams v.1.0.990 and before and fixed in v.1.0.1003 and later a privilege escalation can occur via the COM interface running in mbamservice.exe...

CVE-2021-43768

In Malwarebytes For Teams v.1.0.990 and before and fixed in v.1.0.1003 and later a privilege escalation can occur via the COM interface running in mbamservice.exe...

PT-2025-43621

Name of the Vulnerable Software and Affected Versions Malwarebytes For Teams versions prior to 1.0.1003 Description A privilege escalation can occur through the COM interface within the mbamservice.exe process. Recommendations Update Malwarebytes For Teams to version 1.0.1003 or later...

CVE-2021-43768

In Malwarebytes For Teams v.1.0.990 and before and fixed in v.1.0.1003 and later a privilege escalation can occur via the COM interface running in mbamservice.exe...

EUVD-2025-16873

Malicious code in bioql PyPI...

CVE-2025-27811

A local privilege escalation in the razerelevationservice.exe in Razer Synapse 4 through 4.0.86.2502180127 allows a local attacker to escalate their privileges via a vulnerable COM interface in the target service...

CVE-2025-27811

A local privilege escalation in the razerelevationservice.exe in Razer Synapse 4 through 4.0.86.2502180127 allows a local attacker to escalate their privileges via a vulnerable COM interface in the target service...

CVE-2025-27811

A local privilege escalation in the razerelevationservice.exe in Razer Synapse 4 through 4.0.86.2502180127 allows a local attacker to escalate their privileges via a vulnerable COM interface in the target service...

PT-2025-23806 · Razer · Razer Synapse

Name of the Vulnerable Software and Affected Versions: Razer Synapse versions 4 through 4.0.86.2502180127 Description: A local privilege escalation issue in the razer elevation service.exe allows a local attacker to escalate their privileges via a vulnerable COM interface in the target service...

CVE-2025-27811

A local privilege escalation in the razerelevationservice.exe in Razer Synapse 4 through 4.0.86.2502180127 allows a local attacker to escalate their privileges via a vulnerable COM interface in the target service...

CVE-2025-27811

A local privilege escalation in the razerelevationservice.exe in Razer Synapse 4 through 4.0.86.2502180127 allows a local attacker to escalate their privileges via a vulnerable COM interface in the target service...

CVE-2025-27811

CVE-2025-27811 concerns a local privilege escalation in Razer Synapse 4, specifically via the razer_elevation_service.exe (version 4.0.86.2502180127) that exposes a vulnerable COM interface. The issue allows a local attacker to escalate privileges through this COM interface in the target service....

Matrikon OPC Server

1. EXECUTIVE SUMMARY CVSS v3 5.8 ATTENTION: Exploitable remotely Vendor: Matrikon, a subsidiary of Honeywell Equipment: Matrikon OPC Server Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve remote command...

Gallagher Command Centre Server Incorrect Privilege Authentication Vulnerability

Gallagher Command Centre Server is a management system used by Gallagher New Zealand to monitor and manage infrastructure in buildings. a security vulnerability exists in the COM interface of Gallagher Command Center Server, which could be exploited by an attacker to retrieve sensitive informatio...

Input validation

Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators to retrieve sensitive information from the Command Centre Server. This issue affects: Gallagher Command Centre 8.50 versions prior to 8.50.2048 MR3 ; 8.40...

VirtualBox 6.0.4 r128413 - COM RPC Interface Code Injection Host Privilege Escalation Exploit

Exploit for windows platform in category local exploits VirtualBox: COM RPC Interface Code Injection Host EoP Platform: VirtualBox 6.0.4 r128413 x64 on Windows 10 1809 Class: Elevation of Privilege Summary: The hardened VirtualBox process on a Windows host doesn’t secure its COM interface leading...

VirtualBox 6.0.4 r128413 - COM RPC Interface Code Injection Host Privilege Escalation

VirtualBox: COM RPC Interface Code Injection Host EoP Platform: VirtualBox 6.0.4 r128413 x64 on Windows 10 1809 Class: Elevation of Privilege Summary: The hardened VirtualBox process on a Windows host doesn’t secure its COM interface leading to arbitrary code injection and EoP. Description: This...

Ali wangwang 2010 remote code execution vulnerability

漏洞复现 阿里旺旺2010版本的ImageMan.dll动态链接库中，有一个COM接口负责处理图片信息，其中有一个函数AutoPic存在漏洞，当在html中加载这个COM接口，并传入特殊字符串时，会由于对字符串长度没有进行检查，在拷贝时读取到不可用地址，从而导致程序进入SEH异常处理，通过超长payload可以覆盖SEH指针从而达到eip可控的效果，下面对此漏洞进行详细分析。 首先安装阿里旺旺2010，之后用IE打开，发现IE崩溃，通过附加windbg，可以到达漏洞崩溃位置。 a5c.628: Access violation - code c0000005 first chance...