Lucene search
+L

172 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-7348

Malware in sbrugna...

7.8CVSS7.7AI score0.00293EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-4174

Malware in sbrugna...

6.9CVSS6.4AI score0.00756EPSS
Exploits1References11
RedhatCVE
RedhatCVE
added 2025/05/22 7:53 p.m.7 views

CVE-2021-35312

A vulnerability was found in CIR 2000 / Gestionale Amica Prodigy v1.7. The Amica Prodigy's executable "RemoteBackup.Service.exe" has incorrect permissions, allowing a local unprivileged user to replace it with a malicious file that will be executed with "LocalSystem" privileges...

7.8CVSS6.5AI score0.01129EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:25 p.m.9 views

CVE-2021-25276

In SolarWinds Serv-U before 15.2.2 Hotfix 1, there is a directory containing user profile files that include users' password hashes that is world readable and writable. An unprivileged Windows user having access to the server's filesystem can add an FTP user by copying a valid profile file to thi...

7.1CVSS7AI score0.00468EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:1 p.m.20 views

CVE-2020-25094

LogRhythm Platform Manager 7.4.9 allows Command Injection. To exploit this, an attacker can inject arbitrary program names and arguments into a WebSocket. These are forwarded to any remote server with a LogRhythm Smart Response agent installed. By default, the commands are run with LocalSystem...

10CVSS7.3AI score0.03112EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/04/08 5:28 a.m.7 views

CVE-2024-23847

Incorrect default permissions issue exists in Unifier and Unifier Cast. If this vulnerability is exploited, arbitrary code may be executed with LocalSystem privilege. As a result, a malicious program may be installed, data may be altered or deleted...

7.8CVSS7.7AI score0.0017EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/03/06 5:27 a.m.4 views

Multiple vulnerabilities in RemoteView Agent (for Windows)

Overview RemoteView allows a local PC to connect and control remote PCs through the cloud service provided by RSUPPORT Co.,Ltd. On the remote PCs should be installed RemoteView Agent. The following vulnerabilities are reported on RemoteView Agent installation. Incorrect access permission of a...

7.8CVSS7AI score0.00143EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/03/06 12:0 a.m.7 views

RSUPPORT RemoteView Agent 安全漏洞

RSUPPORT RemoteView Agent is a remote control agent program from RSUPPORT Japan. A security vulnerability exists in RSUPPORT RemoteView Agent versions prior to v8.1.5.2, which stems from incorrect access permissions to a specific folder, and could cause a non-administrative user to execute...

7.8CVSS8AI score0.00143EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/06 12:0 a.m.5 views

RSUPPORT RemoteView Agent 安全漏洞

RSUPPORT RemoteView Agent is a remote control agent program from RSUPPORT Japan. A security vulnerability exists in RSUPPORT RemoteView Agent versions prior to v8.1.5.2, which stems from incorrect access privileges to specific services, and could cause a non-administrative user to execute arbitra...

7.8CVSS7.9AI score0.00143EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/05 2:57 p.m.421 views

CVE-2020-15261

On Windows the Veyon Service before version 4.4.2 contains an unquoted service path vulnerability, allowing locally authenticated users with administrative privileges to run malicious executables with LocalSystem privileges. Since Veyon users both students and teachers usually don't have...

8CVSS6.5AI score0.11255EPSS
Exploits4
CNNVD
CNNVD
added 2024/03/26 12:0 a.m.5 views

SikkaSoft Platform Utility 安全漏洞

SikkaSoft Platform Utility is a cloud platform from SikkaSoft, Inc. A security vulnerability exists in SikkaSoft Platform Utility version 5 2023-09-14 that originates from allowing a low-privileged user to execute arbitrary code with LocalSystem privileges...

8.8CVSS7.7AI score0.0058EPSS
Exploits1References2
NVD
NVD
added 2021/08/06 7:15 p.m.11 views

CVE-2021-35312

A vulnerability was found in CIR 2000 / Gestionale Amica Prodigy v1.7. The Amica Prodigy's executable "RemoteBackup.Service.exe" has incorrect permissions, allowing a local unprivileged user to replace it with a malicious file that will be executed with "LocalSystem" privileges...

7.8CVSS0.01129EPSS
Exploits4References2
Prion
Prion
added 2021/08/06 7:15 p.m.14 views

Design/Logic Flaw

A vulnerability was found in CIR 2000 / Gestionale Amica Prodigy v1.7. The Amica Prodigy's executable "RemoteBackup.Service.exe" has incorrect permissions, allowing a local unprivileged user to replace it with a malicious file that will be executed with "LocalSystem" privileges...

7.2CVSS7.4AI score0.01129EPSS
Exploits4References2Affected Software1
CVE
CVE
added 2021/08/06 6:53 p.m.141 views

CVE-2021-35312

CVE-2021-35312 affects CIR 2000 / Gestionale Amica Prodigy v1.7. The vulnerability stems from incorrect permissions on RemoteBackup.Service.exe, allowing a local unprivileged user to replace the executable and execute code with LocalSystem privileges (privilege escalation). Public documents (Expl...

7.8CVSS7.4AI score0.01129EPSS
Exploits4References2Affected Software1
NVD
NVD
added 2021/07/08 1:15 p.m.18 views

CVE-2021-34110

WinWaste.NET version 1.0.6183.16475 has incorrect permissions, allowing a local unprivileged user to replace the executable with a malicious file that will be executed with "LocalSystem" privileges...

7.8CVSS0.01154EPSS
Exploits4References4
Prion
Prion
added 2021/07/08 1:15 p.m.9 views

Code injection

WinWaste.NET version 1.0.6183.16475 has incorrect permissions, allowing a local unprivileged user to replace the executable with a malicious file that will be executed with "LocalSystem" privileges...

4.6CVSS7.4AI score0.01154EPSS
Exploits4References5Affected Software1
0day.today
0day.today
added 2021/07/01 12:0 a.m.90 views

WinWaste.NET 1.0.6183.16475 Local Privilege Escalation Vulnerability

WinWaste.NET version 1.0.6183.16475 allows a local unprivileged user to replace the executable with a malicious file that will be executed with LocalSystem privileges. Exploit Title: WinWaste.NET - Privilege Escalation due Incorrect Access Control Author: Andrea Intilangelo Vendor Homepage:...

7.8CVSS7.6AI score0.01154EPSS
Exploits4
Prion
Prion
added 2021/02/03 5:15 p.m.31 views

Design/Logic Flaw

In SolarWinds Serv-U before 15.2.2 Hotfix 1, there is a directory containing user profile files that include users' password hashes that is world readable and writable. An unprivileged Windows user having access to the server's filesystem can add an FTP user by copying a valid profile file to thi...

3.6CVSS6.9AI score0.00468EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2020/12/17 3:15 a.m.34 views

CVE-2020-25094

LogRhythm Platform Manager 7.4.9 allows Command Injection. To exploit this, an attacker can inject arbitrary program names and arguments into a WebSocket. These are forwarded to any remote server with a LogRhythm Smart Response agent installed. By default, the commands are run with LocalSystem...

10CVSS9.6AI score0.03112EPSS
Exploits1References1
OSV
OSV
added 2020/12/17 3:15 a.m.4 views

CVE-2020-25094

LogRhythm Platform Manager 7.4.9 allows Command Injection. To exploit this, an attacker can inject arbitrary program names and arguments into a WebSocket. These are forwarded to any remote server with a LogRhythm Smart Response agent installed. By default, the commands are run with LocalSystem...

9.8CVSS7.5AI score0.03112EPSS
Exploits1References1
Rows per page
Query Builder