1075 matches found
Win32k Information Disclosure Vulnerability
An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, an attacker would have to eithe...
Windows ALPC Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view...
Deep Instinct Windows Agent 1.2.29.0 - DeepMgmtService Unquoted Service Path
Exploit Title: Deep Instinct Windows Agent 1.2.29.0 - 'DeepMgmtService' Unquoted Service Path | Discovery by: Oscar Flores | Discovery Date: 2020-03-05 | Vendor Homepage: https://www.deepinstinct.com/ | Software Links:...
CVE-2020-5957
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges...
Input validation
Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation of certain elements within a Webex...
DHCP Turbo 4.61298 - (DHCP Turbo 4) Unquoted Service Path Vulnerability
Exploit Title: DHCP Turbo 4.61298 - 'DHCP Turbo 4' Unquoted Service Path | Exploit Author: boku | Vendor Homepage: https://www.weird-solutions.com | Software Link: https://www.weird-solutions.com/download/products/dhcptv4retailIA32.exe | Version: 4.6.1298 | Tested On: Windows 10 32-bit | C:\Users\usersc qc...
Confluence on Windows was vulnerable to DLL hijacking - CVE-2019-20406
The usage of Tomcat in Confluence on the Microsoft Windows operating system before version 7.0.5, from version 7.1.0 before version 7.1.1 allows local system attackers who have permission to write a DLL file in a directory in the global path environmental variable to inject code & escala...
Cisco Webex Network Recording Player and Cisco Webex Player (cisco-sa-20191106-webex-player)
The version of Cisco WebEx Network Recording Player and Cisco Webex Player installed on the remote host is affected by arbitrary code execution vulnerabilities due to insufficient validation of certain elements with a Webex recording stored in either the Advanced Recording Format (ARF) or the Webex...
CVE-2019-17009
When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the updater service. Note: This attack requires local system access and only affects Windows. Other...
Sql injection
When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the updater service. Note: This attack requires local system access and only affects Windows. Other...
CVE-2019-17009
CVE-2019-17009 affects Mozilla Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox
Nord Security: Race condition (TOCTOU) in NordVPN can result in local privilege escalation
Summary: A vulnerability exists in the NordVPN service, which is installed as part of the NordVPN Windows app. By exploiting a race condition in the NordVPN service it is possible to launch OpenVPN with a user-supplied configuration file. By setting an OpenSSL engine name within this configuratio...
CVE-2019-5702
NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vulnerability when GameStream is enabled in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges...
CVE-2019-5702
Summary: CVE-2019-5702 affects NVIDIA GeForce Experience prior to 3.20.2. When GameStream is enabled, a local attacker with system access can corrupt a system file, leading to denial of service or privilege escalation. The vulnerability affects all versions before 3.20.2; exploitation requires lo...
CVE-2019-19460
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege. An attacker who is able to exploit CVE-2019-19458 or CVE-2019-19459 is basically able to write to...
CVE-2019-15286
Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist due to insufficient validation of certain elements with a Webex...
CVE-2011-2916
qtnx 0.9 stores non-custom SSH keys in a world-readable configuration file. If a user has a world-readable or world-executable home directory, another local system user could obtain the private key used to connect to remote NX sessions...