Panda Gold Protection 2014 Privilege Escalation Vulnerability (CVE-2014-3450) - Windows

Panda Gold Protection 2014 is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Panda Small Business Protection <= 16.1.2 Privilege Escalation Vulnerability

Panda Small Business Protection is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

VHD Driver Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Virtual Hard Disk Drive fails to properly handle user access to certain files. An attacker who successfully exploited the vulnerability could manipulate files in locations not intended to be available to the user. To exploit the...

Microsoft Windows VHDFS Driver Elevation of Privilege (MS16-138: CVE-2016-7224)

Multiple elevation of privilege vulnerabilities exist in the Windows VHDMP kernel driver. The vulnerability is due to the way driver fails to properly handle user access to certain files. An attacker can exploit this vulnerability by gaining access to the local system and executing a specially...

MySQL / MariaDB / PerconaDB 提权/条件竞争漏洞（CVE-2016-6663）

Release date: 01.11.2016 - Discovered by: Dawid Golunski I. VULNERABILITY ------------------------- MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition MariaDB 5.5.52 10.1.18 10.0.28 MySQL = 5.5.51 = 5.6.32 = 5.7.14 Percona Server 5.5.51-38.2 5.6.32-78-1 5.7.14-8 Percona XtraDB...

PDF Complete Office Edition 4.1.12 - Unquoted Service Path Privilege Escalation Exploit

Exploit Title : PDFcompletecorporateedition.rb - 'Unquoted Service Path Privilege Escalation' PDF Version : 4.1.12 vuln Discover : Joey Lane Module Author : pedr0 Ubuntu r00t-3xp10it Tested on : Windows 7 Professional Software Link : http://www.pdfcomplete.com/cms/Downloads.aspx "This was tested ...

Linux kernel 2.6.22 < 3.9 elevation of privilege vulnerability (Dirty COW)

Summary A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write COW breakage of private read-only memory mappings. All the information we have so far is included in this page. The bug has existed since around 2.6.22 released in 2007 and was fixed on Oct...

PDF Complete 4.1.12 Corporate Edition Privilege Escalation

Exploit Title: PDF Complete Corporate Edition - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Software Link: http://www.pdfcomplete.com/cms/Downloads.aspx Version: 4.1.12 Tested on: Windows 7 Professional PDF Complete Corporate Edition installs a service wi...

Lenovo Slim USB Keyboard 1.09 Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits Exploit Title: Lenovo Slim USB Keyboard - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 1.09 Tested on: Windows 7 Professional The Lenovo Slim USB Keyboard service is installed with an unquote...

PDF Complete 4.1.12 Corporate Edition - Unquoted Service Path Privilege Escalation

PDF Complete 4.1.12 Corporate Edition - Unquoted Service Path Privilege Escalation Exploit Title: PDF Complete Corporate Edition - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Software Link: http://www.pdfcomplete.com/cms/Downloads.aspx Version: 4.1.12...

Lenovo ThinkVantage Communications Utility 3.0.42.0 - Unquoted Service Path Privilege Escalation

Exploit Title: Lenovo ThinkVantage Communications Utility - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 3.0.42.0 Tested on: Windows 7 Professional The Lenovo ThinkVantage Communications Utility installs 2 services with unquoted service paths. Thi...

Realtek High Definition Audio Driver 6.0.1.6730 - Unquoted Service Path Privilege Escalation

Exploit Title: Realtek High Definition Audio Driver - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 6.0.1.6730 Tested on: Windows 7 Professional The Realtek High Definition Audio Driver installs a service with an unquoted service path. This enables...

Graylog Collector 0.4.2 - Unquoted Service Path Privilege Escalation

Exploit Title: Graylog Collector Service Path Privilege Escalation Date: 10/14/2016 Exploit Author: Joey Lane Software Link: https://github.com/Graylog2/collector Version: 0.4.2 Tested on: Windows Server 2012 R2 Graylog Collector installs as a service with an unquoted service path. If the user...

SolarWinds Kiwi CatTools 3.11.0 - Unquoted Service Path Privilege Escalation

Exploit for windows platform in category local exploits Document Title: ================ SolarWinds Kiwi CatTools Unquoted Service Path Privilege Escalation Vulnerability Author: ======== Halil Dalabasmaz Release Date: ============== 29 SEP 2016 Product & Service Introduction:...

SolarWinds Kiwi Syslog Server 9.5.1 - Unquoted Service Path Privilege Escalation

Exploit for windows platform in category local exploits Document Title: ================ SolarWinds Kiwi Syslog Server Unquoted Service Path Privilege Escalation Vulnerability Author: ======== Halil Dalabasmaz Release Date: ============== 29 SEP 2016 Product & Service Introduction:...

Kaspersky Internet Security KL1 Driver Signal Handler Denial of Service

Summary A denial of service vulnerability exists in the IOCTL handling functionality of Kaspersky Internet Security KL1 driver. A specially crafted IOCTL signal can cause an access violation in KL1 kernel driver resulting in local system denial of service. An attacker can run a program from user...

Arbitrary file manipulation by local user through Mozilla updater and callback application path parameter — Mozilla

Security researcher Holger Fuhrmannek reported that when the Updater is opened directly using the callback application path parameter, a copy of a user specified file is made as a callback file. If the target of this file is made with a locked hardlink, an arbitrary local file can be replaced on...

The vulnerability of the Windows operating system, which allows a malicious individual to increase their privileges

A vulnerability that allows for increased privileges exists in the Windows operating system and is related to incorrect file comparison. If exploited successfully, a malicious individual will be able to execute arbitrary code within the Local System account. They will also be able to install...

Panda Security Multiple Products - Privilege Escalation

Exploit for windows platform in category local exploits Exploit Title: Panda Security Privilege Escalation Date: 27/6/2016 Exploit Author: Security-Assessment.com Vendor Homepage: http://www.pandasecurity.com Version: Panda Global Protection 2016 16.1.2,Panda Antivirus Pro 2016 16.1.2,Panda Small...

Panda Security (Multiple Products) - Local Privilege Escalation

Exploit Title: Panda Security Privilege Escalation Date: 27/6/2016 Exploit Author: Security-Assessment.com Vendor Homepage: http://www.pandasecurity.com Version: Panda Global Protection 2016 16.1.2,Panda Antivirus Pro 2016 16.1.2,Panda Small Business Protection 16.1.2,Panda Internet Security 2016...