Lucene search
K

79 matches found

ptsecurity
ptsecurity
added 2024/03/20 12:0 a.m.4 views

PT-2024-5009 · Openvpn +1 · Openvpn +1

Name of the Vulnerable Software and Affected Versions: OpenVPN versions 2.6.9 and earlier Description: The issue is related to the unrestricted loading of plug-in files in OpenVPN on Windows. This allows an attacker to load an arbitrary plug-in, which can interact with the privileged OpenVPN...

9.8CVSS6.8AI score0.09759EPSS
Exploits0References36
zdi
zdi
added 2023/08/15 12:0 a.m.54 views

Microsoft Windows Error Reporting Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Furthermore, exploitation is possible only in...

7CVSS7.1AI score0.10996EPSS
Exploits0References1
f5
f5
added 2023/02/21 6:54 p.m.35 views

K21595932: Samba vulnerability CVE-2018-1057

Security Advisory Description On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords, including administrative users and privileged service...

8.8CVSS7.4AI score0.10308EPSS
Exploits1
prion
prion
added 2021/06/01 2:15 p.m.21 views

Improper access control

An incorrect access control flaw was found in the kiali-operator in versions before 1.33.0 and before 1.24.7. This flaw allows an attacker with a basic level of access to the cluster to deploy a kiali operand to use this vulnerability and deploy a given image to anywhere in the cluster, potential...

6.5CVSS8.4AI score0.00969EPSS
Exploits0References2Affected Software2
osv
osv
added 2020/12/09 11:15 p.m.3 views

CVE-2020-10143

Macrium Reflect includes an OpenSSL component that specifies an OPENSSLDIR variable as C:\openssl. Macrium Reflect contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system root, a user can create the appropriate...

7.8CVSS6.2AI score0.00592EPSS
Exploits0References1
osv
osv
added 2020/10/21 2:15 p.m.8 views

CVE-2020-10139

Acronis True Image 2021 includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkinsagent. Acronis True Image contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system...

7.8CVSS6.2AI score0.00417EPSS
Exploits0References1
prion
prion
added 2020/10/21 2:15 p.m.28 views

Design/Logic Flaw

Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkinsagent. Acronis Cyber Backup and Cyber Protect contain a privileged service that uses this OpenSSL component. Because unprivileged Windows users can...

7.2CVSS7.8AI score0.00498EPSS
Exploits0References1Affected Software2
nvd
nvd
added 2020/10/20 9:15 p.m.19 views

CVE-2020-15264

The Boxstarter installer before version 2.13.0 configures C:\ProgramData\Boxstarter to be in the system-wide PATH environment variable. However, this directory is writable by normal, unprivileged users. To exploit the vulnerability, place a DLL in this directory that a privileged service is looki...

8CVSS0.01487EPSS
Exploits0References3
prion
prion
added 2020/10/20 9:15 p.m.14 views

Code injection

The Boxstarter installer before version 2.13.0 configures C:\ProgramData\Boxstarter to be in the system-wide PATH environment variable. However, this directory is writable by normal, unprivileged users. To exploit the vulnerability, place a DLL in this directory that a privileged service is looki...

7.2CVSS7.4AI score0.01487EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2020/09/16 12:0 a.m.24 views

CVE-2020-14306

An incorrect access control flaw was found in the operator, openshift-service-mesh/istio-rhel8-operator all versions through 1.1.3. This flaw allows an attacker with a basic level of access to the cluster to deploy a custom gateway/pod to any namespace, potentially gaining access to privileged...

8.4AI score0.013EPSS
Exploits0References2
nvd
nvd
added 2020/07/27 2:15 p.m.31 views

CVE-2020-15593

SteelCentral Aternity Agent 11.0.0.120 on Windows mishandles IPC. It uses an executable running as a high privileged Windows service to perform administrative tasks and collect data from other processes. It distributes functionality among different processes and uses IPC Inter-Process Communicati...

7.8CVSS7.6AI score0.00422EPSS
Exploits1References2
prion
prion
added 2020/07/27 2:15 p.m.17 views

Code injection

SteelCentral Aternity Agent 11.0.0.120 on Windows mishandles IPC. It uses an executable running as a high privileged Windows service to perform administrative tasks and collect data from other processes. It distributes functionality among different processes and uses IPC Inter-Process Communicati...

7.2CVSS7.6AI score0.01855EPSS
Exploits1References2Affected Software1
osv
osv
added 2020/06/23 8:15 p.m.1 views

CVE-2020-14978

An issue was discovered in F-Secure SAFE 17.7 on macOS. Due to incorrect client version verification, an attacker can connect to a privileged XPC service, and execute privileged commands on the system. NOTE: the attacker needs to execute code on an already compromised machine...

8.1CVSS7.5AI score0.03114EPSS
Exploits1References3
prion
prion
added 2020/02/21 11:15 p.m.14 views

Default credentials

Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address. A malicious actor who gains access to affected devices e.g., by using default credentials can change the LDAP connection IP...

4CVSS8.7AI score0.01067EPSS
Exploits1References2Affected Software18
attackerkb
attackerkb
added 2020/02/13 12:0 a.m.17 views

Profile API CreateEnvBlock Local Information Disclosure

The exported function CreateEnvBlock from profapi.dll which is used by the CreateEnvironmentBlock API function has an information disclosure vulnerability when building the environment block for a user which can be locally exploited to disclose heap memory of a process calling the API. For exampl...

0.6AI score
Exploits0References1
osv
osv
added 2019/11/18 8:15 p.m.4 views

CVE-2019-18215

An issue was discovered in signmgr.dll 6.5.0.819 in Comodo Internet Security through 12.0. A DLL Preloading vulnerability allows an attacker to implant an unsigned DLL named iLog.dll in a partially unprotected product directory. This DLL is then loaded into a high-privileged service before the...

7.8CVSS7.1AI score0.0059EPSS
Exploits1References3
prion
prion
added 2019/08/29 8:15 p.m.31 views

Design/Logic Flaw

An issue was discovered in Avira Free Security Suite 10. The permissive access rights on the SoftwareUpdater folder files / folders and configuration are incompatible with the privileged file manipulation performed by the product. Files can be created that can be used by an unprivileged user to...

7.2CVSS7.5AI score0.00569EPSS
Exploits0References3Affected Software2
ubuntucve
ubuntucve
added 2018/03/13 12:0 a.m.29 views

CVE-2018-1057

On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords, including administrative users and privileged service accounts eg Domain Controllers...

8.8CVSS7.1AI score0.10308EPSS
Exploits1References4
exploitpack
exploitpack
added 2016/10/12 12:0 a.m.12 views

Google Android - Binder Generic ASLR Leak

Google Android - Binder Generic ASLR Leak Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=889 The interaction between the kernel /dev/binder and the usermode Parcel.cpp mean that when a binder object is passed as BINDERTYPEBINDER or BINDERTYPEWEAKBINDER, a pointer to that object...

0.4AI score
Exploits0
Rows per page
Query Builder