(0Day) Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of...

(0Day) Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of...

CVE-2022-34900

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.3 39313 Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

CVE-2022-41141

This vulnerability allows local attackers to escalate privileges on affected installations of Windscribe. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of...

CVE-2024-2658

A misconfiguration in lmadmin.exe of FlexNet Publisher versions prior to 2024 R1 11.19.6.0 allows the OpenSSL configuration file to load from a non-existent directory. An unauthorized, locally authenticated user with low privileges can potentially create the directory and load a specially crafted...

CVE-2024-2658 Local privilege escalation in FlexNet Publisher

A misconfiguration in lmadmin.exe of FlexNet Publisher versions prior to 2024 R1 11.19.6.0 allows the OpenSSL configuration file to load from a non-existent directory. An unauthorized, locally authenticated user with low privileges can potentially create the directory and load a specially crafted...

CVE-2024-2658 Local privilege escalation in FlexNet Publisher

A misconfiguration in lmadmin.exe of FlexNet Publisher versions prior to 2024 R1 11.19.6.0 allows the OpenSSL configuration file to load from a non-existent directory. An unauthorized, locally authenticated user with low privileges can potentially create the directory and load a specially crafted...

CVE-2024-2658

CVE-2024-2658 describes a local privilege-escalation flaw in Flexera FlexNet Publisher prior to 2024 R1 (11.19.6.0) caused by a lmadmin.exe misconfiguration that allows the OpenSSL configuration file to load from a non-existent directory. An authenticated, low-privilege local user could create th...

The vulnerability of the openssl.conf configuration file of the FlexNet Publisher licensing management software allows a perpetrator to increase their privileges and execute arbitrary code.

The vulnerability of the openssl.conf configuration file of the FlexNet Publisher licensing management software is related to an uncontrolled element in the search process. Exploiting this vulnerability allows a perpetrator to enhance their privileges and execute arbitrary code...

BIT-NODE-MIN-2022-32222

A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3...

CVE-2024-6975

Cato Networks Windows SDP Client Local Privilege Escalation via openssl configuration file. This issue affects SDP Client before 5.10.34...

CVE-2024-6975

Cato Networks Windows SDP Client Local Privilege Escalation via openssl configuration file. This issue affects SDP Client before 5.10.34...

CVE-2024-6975 Cato Networks Windows SDP Client Local Privilege Escalation via openssl configuration file

Cato Networks Windows SDP Client Local Privilege Escalation via openssl configuration file. This issue affects SDP Client before 5.10.34...

CVE-2024-6975

CVE-2024-6975 concerns Cato Networks Windows SDP Client prior to 5.10.34. The vulnerability is a local privilege escalation through the openssl configuration file, affecting the SDP Client component. Public sources in connected documents consistently describe a local-exploitation risk with no rem...

CVE-2024-6975 Cato Networks Windows SDP Client Local Privilege Escalation via openssl configuration file

Cato Networks Windows SDP Client Local Privilege Escalation via openssl configuration file. This issue affects SDP Client before 5.10.34...

PT-2024-38014 · Cato Networks · Cato Networks Windows Sdp Client

Name of the Vulnerable Software and Affected Versions: Cato Networks Windows SDP Client versions prior to 5.10.34 Description: The issue is related to a local privilege escalation vulnerability in the Cato Networks Windows SDP Client via the openssl configuration file. Recommendations: For versio...

Tenable Nessus Network Monitor Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Tenable Nessus Network Monitor. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2023-27362

3CX Uncontrolled Search Path Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of 3CX. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

CVE-2023-27362

3CX Uncontrolled Search Path Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of 3CX. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

openssl security update

1:3.0.7-25.0.1 - Replace upstream references Orabug: 34340177 1:3.0.7-25 - Provide relevant diagnostics when FIPS checksum is corrupted Resolves: RHEL-5317 - Don't limit using SHA1 in KDFs in non-FIPS mode. Resolves: RHEL-5295 - Provide empty evpproperties section in main OpenSSL configuration fi...