Lucene search
K

22 matches found

ICS
ICS
added 2025/10/16 6:0 a.m.7 views

Rockwell Automation FactoryTalk Linx

RISK EVALUATION Successful exploitation of these vulnerabilities may allow full access to all files, processes, and system resources. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also...

8.5CVSS6.5AI score0.00172EPSS
Exploits0References10
CVE
CVE
added 2025/10/14 12:23 p.m.17 views

CVE-2025-9068

CVE-2025-9068 affects Rockwell Automation Driver Package x64 MSI repair functionality (installed with FTLinx). Authenticated Windows users can initiate a repair and hijack the console window for vbpinstall.exe, spawning a SYSTEM-level command prompt with full access to files, processes, and syste...

8.5CVSS6.4AI score0.00166EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/14 12:23 p.m.5 views

EUVD-2025-34183

A security issue exists within the Rockwell Automation Driver Package x64 Microsoft Installer File MSI repair functionality, installed with FTLinx. Authenticated attackers with valid Windows Users credentials can initiate a repair and hijack the resulting console window for vbpinstall.exe. This...

8.5CVSS6.3AI score0.00166EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/14 12:0 a.m.7 views

PT-2025-41917

Name of the Vulnerable Software and Affected Versions Rockwell Automation Driver Package x64 affected versions not specified Description A security issue exists in the Rockwell Automation Driver Package x64 Microsoft Installer File MSI repair functionality, installed with FTLinx. An authenticated...

8.5CVSS6.2AI score0.00166EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-29352

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00208EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-51280

Malicious code in bioql PyPI...

8.4CVSS7.7AI score0.0018EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 5:15 a.m.10 views

CVE-2023-47145

IBM Db2 for Windows includes Db2 Connect Server 10.5, 11.1, and 11.5 could allow a local user to escalate their privileges to the SYSTEM user using the MSI repair functionality. IBM X-Force ID: 270402...

8.4CVSS6.5AI score0.0018EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:25 a.m.9 views

CVE-2023-25396

Privilege escalation in the MSI repair functionality in Caphyon Advanced Installer 20.0 and below allows attackers to access and manipulate system files...

7.8CVSS7.2AI score0.00208EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/03 12:0 a.m.2 views

PT-2024-7800 · Palo Alto Networks +1 · Palo Alto Networks Globalprotect +1

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks GlobalProtect App versions prior to 6.2.5 Description: A privilege escalation issue in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their...

7.8CVSS7.7AI score0.00286EPSS
Exploits1References17
Prion
Prion
added 2024/01/25 4:15 p.m.20 views

Design/Logic Flaw

The C:\Program Files x86\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Tempnsu.tmp and copies itself to it as Au.exe. The C:\Windows\Tempnsu.tmp\Au.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI...

4.3CVSS7.2AI score0.00179EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/01/07 7:15 p.m.19 views

CVE-2023-47145

IBM Db2 for Windows includes Db2 Connect Server 10.5, 11.1, and 11.5 could allow a local user to escalate their privileges to the SYSTEM user using the MSI repair functionality. IBM X-Force ID: 270402...

8.4CVSS8AI score0.0018EPSS
Exploits0References3
Prion
Prion
added 2024/01/07 7:15 p.m.22 views

Code injection

IBM Db2 for Windows includes Db2 Connect Server 10.5, 11.1, and 11.5 could allow a local user to escalate their privileges to the SYSTEM user using the MSI repair functionality. IBM X-Force ID: 270402...

4.3CVSS6.8AI score0.0018EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/01/07 6:58 p.m.22 views

CVE-2023-47145 IBM Db2 for Windows privilege escalation

IBM Db2 for Windows includes Db2 Connect Server 10.5, 11.1, and 11.5 could allow a local user to escalate their privileges to the SYSTEM user using the MSI repair functionality. IBM X-Force ID: 270402...

8.4CVSS8.1AI score0.0018EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/01/07 6:58 p.m.19 views

CVE-2023-47145 IBM Db2 for Windows privilege escalation

IBM Db2 for Windows includes Db2 Connect Server 10.5, 11.1, and 11.5 could allow a local user to escalate their privileges to the SYSTEM user using the MSI repair functionality. IBM X-Force ID: 270402...

8.4CVSS8AI score0.0018EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/01/07 12:0 a.m.3 views

PT-2024-1064 · Ibm · Ibm Db2

Name of the Vulnerable Software and Affected Versions: IBM Db2 for Windows includes Db2 Connect Server versions 10.5 through 11.5 Description: The issue is related to insufficient access control in IBM DB2 and DB2 Connect Server, which could allow a local user to escalate their privileges to the...

8.4CVSS7.4AI score0.0018EPSS
Exploits0References12
NVD
NVD
added 2023/02/08 7:15 p.m.28 views

CVE-2023-25396

Privilege escalation in the MSI repair functionality in Caphyon Advanced Installer 20.0 and below allows attackers to access and manipulate system files...

7.8CVSS7.8AI score0.00208EPSS
Exploits0References1
Prion
Prion
added 2023/02/08 7:15 p.m.20 views

Privilege escalation

Privilege escalation in the MSI repair functionality in Caphyon Advanced Installer 20.0 and below allows attackers to access and manipulate system files...

4.3CVSS7.8AI score0.00208EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/08 12:0 a.m.9 views

CVE-2023-25396

Privilege escalation in the MSI repair functionality in Caphyon Advanced Installer 20.0 and below allows attackers to access and manipulate system files...

7.8CVSS7.4AI score0.00208EPSS
Exploits0References1
CVE
CVE
added 2023/02/08 12:0 a.m.43 views

CVE-2023-25396

CVE-2023-25396 affects Caphyon Advanced Installer (MSI repair functionality) with privilege escalation in versions 20.0 and below. The root cause is an elevation of privilege via the MSI repair feature, allowing an attacker to access and manipulate system files. Relevant sources consistently desc...

7.8CVSS7.7AI score0.00208EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/04/08 12:0 a.m.5 views

RealVNC VNC Server 安全漏洞

RealVNC VNC Server is a VNC server for remote access software from RealVNC UK. RealVNC VNC Server has a security vulnerability. An attacker can bypass the restrictions of RealVNC VNC Server via MSI Repair to elevate his privileges...

10CVSS7.3AI score0.04052EPSS
Exploits1References4
Rows per page
Query Builder