1075 matches found
Microsoft Windows and Windows Server Privilege Mobilization Vulnerability (CNVD-2020-32093)
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. A privilege extraction vulnerability exists in Microsoft Windows and Windows Server, which...
Microsoft Windows and Windows Server Privilege Mobilization Vulnerability (CNVD-2020-33433)
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. A privilege extraction vulnerability exists in Microsoft Windows and Windows Server, which...
Windows Clipboard Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service. An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or dele...
Windows Clipboard Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service. An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or dele...
Windows Clipboard Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service. An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or dele...
Windows Clipboard Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service. An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or dele...
Design/Logic Flaw
On NGINX Controller versions 3.1.0-3.3.0, AVRD uses world-readable and world-writable permissions on its socket, which allows processes or users on the local system to write arbitrary data into the socket. A local system attacker can make AVRD segmentation fault SIGSEGV by writing malformed...
CVE-2020-5895
On NGINX Controller versions 3.1.0-3.3.0, AVRD uses world-readable and world-writable permissions on its socket, which allows processes or users on the local system to write arbitrary data into the socket. A local system attacker can make AVRD segmentation fault SIGSEGV by writing malformed...
StoreFront - Citrix Subscriptions Store service not starting up on one storefront server in server group
When launching a published application an error message israndomly seen . "Your apps are not available at this time. Please try again in a few minutes or contact your help desk with this information: Cannot contact Storefront" The issue is caused by subscription service store service not starting...
CVE-2020-8487
Insufficient protection of the inter-process communication functions in ABB System 800xA Base all published versions enables an attacker authenticated on the local system to inject data, affect node redundancy handling...
Design/Logic Flaw
Insufficient protection of the inter-process communication functions in ABB System 800xA Batch Management all published versions enables an attacker authenticated on the local system to inject data, affecting User Interface update during batch execution and/or compare/printing functionalities...
Microsoft Visual Studio Privilege Mobilization Vulnerability (CNVD-2020-24130)
Microsoft Visual Studio is a family of development tool suites from Microsoft and a largely complete set of development tools that includes most of the tools needed throughout the software lifecycle. A lift vulnerability exists in Microsoft Visual Studio that stems from a failure of the Updater...
Microsoft Visual Studio Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when Microsoft Visual Studio updater service improperly handles file permissions. An attacker who successfully exploited this vulnerability could overwrite arbitrary file content in the security context of the local system. To exploit this...
Security Updates for Microsoft Visual Studio Products (April 2020)
The Microsoft Visual Studio Products are missing security updates. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when Microsoft Visual Studio updater service improperly handles file permissions. An attacker who successfully exploited thi...
Windscribe 1.83 - (WindscribeService) Unquoted Service Path Vulnerability
Exploit Title: Windscribe 1.83 - 'WindscribeService' Unquoted Service Path Exploit Author: MgThuraMoeMyint Vendor Homepage: https://windscribe.com Version: v1.83 Build 20 Tested on: Windows 10, version 1909 In windscribe v1.83 , there is a service via windscribe that every authenticated user can...
Windscribe 1.83 Build 20 Unquoted Service Path
Exploit Title: Windscribe - Privilege Escalation Date: 4/10/2020 Exploit Author: MgThuraMoeMyint Vendor Homepage: https://windscribe.com Version: v1.83 Build 20 Tested on: Windows 10, version 1909 In windscribe v1.83 , there is a service via windscribe that every authenticated user can modify...
Memu Play 7.1.3 Insecure Folder Permissions
Exploit Title: Memu Play 7.1.3 - Insecure Folder Permissions Discovery by: chuyreds Discovery Date: 2020-03-08 Vendor Homepage: https://www.memuplay.com/ Software Link : https://www.memuplay.com/download-en.php?filename=Memu-Setup&from=officialrelease Tested Version: 7.1.3 Vulnerability Type: Loc...
CVE-2020-0834
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call ALPC.An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC Elevation of Privilege...
Privilege escalation
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call ALPC.An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC Elevation of Privilege...
CVE-2020-5958
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can plant a malicious DLL file, which may lead to code execution, denial of service, or information disclosure...