1501 matches found
Windows Modules Installer Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Modules Installer improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. To exploit the vulnerability, an attacker would first need code execution on a victim...
Windows Error Reporting Information Disclosure Vulnerability
An information disclosure vulnerability exists when Windows Error Reporting improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to disclose information. T...
Windows System Events Broker Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows System Events Broker improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. To exploit the vulnerability, an attacker would first need code execution on a victim...
Windows iSCSI Target Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows iSCSI Target Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. To exploit the vulnerability, an attacker would first need code execution on a victim...
Windows Storage Services Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. To exploit the vulnerability, an attacker would first need code execution on a victim syste...
KB4558998: Windows 10 Version 1809 and Windows Server 2019 July 2020 Security Update
The remote Windows host is missing security update 4558998. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when the Windows System Events Broker improperly handles file operations. An attacker who successfully exploited this vulnerability...
KB4565503: Windows 10 Version 2004 July 2020 Security Update
The remote Windows host is missing security update 4565503. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when the Windows System Events Broker improperly handles file operations. An attacker who successfully exploited this vulnerability...
Check Point ZoneAlarm Symlink Following Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the ZoneAlarm...
(0Day) CentOS Web Panel ajax_mod_security archivo Arbitrary File Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to write arbitrary files on affected installations of CentOS Web Panel. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmodsecurity.php. When parsing the archivo parameter, the process does not properly...
(0Day) NEC ESMPRO Manager GetEuaLogDownloadAction Directory Traversal Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of NEC ESMPRO Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GetEuaLogDownloadAction class. The issue results from the lack of proper...
CVE-2020-14975
The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to delete, move, or copy arbitrary files via IOCTL code 0x222124...
(Pwn2Own) Rockwell Automation FactoryTalk View SE Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation FactoryTalk View SE. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of project files. The issue results from the lack o...
(Pwn2Own) Rockwell Automation FactoryTalk Linx CopyRenameProject Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation Studio 5000. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the CopyRenameProject parameter provided to hmiisapi.dll...
Microsoft Windows Update Orchestrator Service Elevation of Privilege Vulnerability
Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. An elevation of privilege vulnerability exists in Microsoft Windows Update Orchestrator Service, which arises from a program that does not properly handle file operations and can be...
Microsoft Windows Backup Service Elevation of Privilege Vulnerability
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, U.S.A. Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Windows Backup Service is one of the backup service components. A privilege...
CVE-2020-1313
An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations, aka 'Windows Update Orchestrator Service Elevation of Privilege Vulnerability'...
CVE-2020-1293
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1257, CVE-2020-1278...
CVE-2020-1278
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1257, CVE-2020-1293...
CVE-2020-1278
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1257, CVE-2020-1293...
CVE-2020-1271
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'...