
163 matches found

Positive Technologies
added 2022/09/07 12:0 a.m. · 3 views

PT-2022-23177 · Gocd · Gocd

Name of the Vulnerable Software and Affected Versions: GoCD versions prior to 22.2.0 Description: GoCD is a continuous delivery server. The issue arises from inadequate permission restrictions during Windows installations of GoCD server or agent installers outside of the default location. This...

CVSS 5.5 · AI score 5.3 · EPSS 0.00037
Exploits 0 · References 7

OSV
added 2022/07/21 5:15 p.m. · 1 view

CVE-2022-35899

There is an unquoted service path in ASUSTeK Aura Ready Game SDK service GameSDK.exe 1.0.0.4. This might allow a local user to escalate privileges by creating a %PROGRAMFILESX86%\ASUS\GameSDK.exe file...

CVSS 7.8 · AI score 5.5 · EPSS 0.00194
Exploits 5 · References 3

ATTACKERKB
added 2022/07/21 5:15 p.m. · 2 views

CVE-2022-35899

There is an unquoted service path in ASUSTeK Aura Ready Game SDK service GameSDK.exe 1.0.0.4. This might allow a local user to escalate privileges by creating a %PROGRAMFILESX86%\ASUS\GameSDK.exe file...

CVSS 7.8 · AI score 7.1 · EPSS 0.00194
Exploits 5 · References 5

CNNVD
added 2021/12/16 12:0 a.m. · 2 views

Mitsubishi Electric GX Works2 Security Vulnerability

The Mitsubishi Electric GX Works2 is a programmable controller from Mitsubishi Electric Japan. The Mitsubishi Electric GX Works2 contains a security vulnerability that can be exploited by an attacker to tamper with program files in the Mitsubishi Electric PLC by sending maliciously crafted packet...

CVSS 7.5 · AI score 7.4 · EPSS 0.00258
Exploits 0 · References 7

Packet Storm
added 2021/02/08 12:0 a.m. · 224 views

Trojan-Spy.Win32.WinSpy.vwl Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/0187e62ca40cb3d556a2c5825620bd8f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Spy.Win32.WinSpy.vwl Vulnerability: Insecure Permissions EoP Description: WinSpy.vwl create t...

AI score 7.4
Exploits 0

OSV
added 2020/12/14 9:15 p.m. · 0 views

CVE-2020-25234

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3, LOGO! Soft Comfort All versions V8.3. The LOGO! program files generated and used by the affected components offer the possibility to save user-defined functions UDF in a password protected way. This...

CVSS 7.7 · AI score 7
Exploits 0 · References 1

NVD
added 2020/12/14 9:15 p.m. · 18 views

CVE-2020-25231

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3, LOGO! Soft Comfort All versions V8.3. The encryption of program data for the affected devices uses a static key. An attacker could use this key to extract confidential information from protected program fil...

CVSS 5.5 · AI score 6.2 · EPSS 0.00063
Exploits 0 · References 1

OSV
added 2020/12/14 9:15 p.m. · 0 views

CVE-2020-25231

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3, LOGO! Soft Comfort All versions V8.3. The encryption of program data for the affected devices uses a static key. An attacker could use this key to extract confidential information from protected program fil...

CVSS 5.5 · AI score 6.6
Exploits 0 · References 1

Prion
added 2020/12/14 9:15 p.m. · 17 views

Information disclosure

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3, LOGO! Soft Comfort All versions V8.3. The LOGO! program files generated and used by the affected components offer the possibility to save user-defined functions UDF in a password protected way. This...

CVSS 3.6 · AI score 7.9 · EPSS 0.00121
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2020/12/14 9:5 p.m. · 14 views

CVE-2020-25231

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3, LOGO! Soft Comfort All versions V8.3. The encryption of program data for the affected devices uses a static key. An attacker could use this key to extract confidential information from protected program fil...

AI score 5.2 · EPSS 0.00063
Exploits 0 · References 1

ThreatPost
added 2020/08/05 3:47 p.m. · 411 views

Microsoft Teams Patch Bypass Allows RCE

COVID-19 has spurred the use of videoconferencing for businesses worldwide – and this expanded threat surface has lured attackers like moths to a flame. Adding insult to injury, researchers have recently discovered a workaround for a previous patch issued for Microsoft Teams, that would allow a...

AI score 0.2 · EPSS 0.21279
Exploits 0 · References 7

OSV
added 2020/06/16 1:15 p.m. · 0 views

CVE-2020-13431

I2P before 0.9.46 allows local users to gain privileges via a Trojan horse I2PSvc.exe file because of weak permissions on a certain %PROGRAMFILES% subdirectory...

CVSS 7.8 · AI score 7.1
Exploits 0 · References 2

Packet Storm
added 2020/02/11 12:0 a.m. · 155 views

freeFTPd 1.0.13 Unquoted Service Path

Exploit Title: freeFTPd v1.0.13 - 'freeFTPdService' Unquoted Service Path Exploit Author: boku Date: 2020-02-10 Vendor Homepage: http://www.freesshd.com Software Link: http://www.freesshd.com/freeFTPd.exe Version: 1.0.13 Tested On: Windows 10 32-bit C:\Users\nightelfwmic service get name, pathnam...

AI score 0.2
Exploits 0

Hacker One
added 2019/07/15 10:26 a.m. · 36 views

Razer US: Synapse 2.21 - DLL Hijacking vulnerability

Description of Vulnerability: When Razer Synapse starts on a Windows machine it tries to load a DLL RazerConfigNative.dll from the C:\ProgramData\Razer\Synapse\Devices directory. If a malicious attacker puts the malicious DLL in that directory, Razer Synapse will load it and run the code found in...

AI score 0.9
Exploits 0

Cvelist
added 2019/06/03 6:22 p.m. · 12 views

CVE-2019-3567

In some configurations an attacker can inject a new executable path into the extensions.load file for osquery and hard link a parent folder of a malicious binary to a folder with known 'safe' permissions. Under those circumstances osquery will load said malicious executable with SYSTEM permission...

AI score 8.1 · EPSS 0.00433
Exploits 0 · References 1

Exploit DB
added 2018/10/09 12:0 a.m. · 473 views

Seqrite End Point Security 7.4 - Privilege Escalation

Exploit Title: Seqrite End Point Security 7.4 - Privilege Escalation Date: 2018-09-13 Exploit Author: Hashim Jawad - @ihack4falafel Vendor Homepage: https://www.seqrite.com/ Tested on: Windows 7 Enterprise SP1 x64 CVE: CVE-2018-17775 Description: Seqrite End Point Security v7.4 installs by defaul...

CVSS 7.8 · AI score 7.8 · EPSS 0.00182
Exploits 3

OSV
added 2018/07/13 5:29 p.m. · 0 views

CVE-2018-7535

An issue was discovered in TotalAV v4.1.7. An unprivileged user could modify or overwrite all of the product's files because of weak permissions Everyone:F under %PROGRAMFILES%, which allows local users to gain privileges or obtain maximum control over the product...

CVSS 7.8 · AI score 5.8
Exploits 0 · References 1

CNVD
added 2018/05/09 12:0 a.m. · 1 view

Cylance CylancePROTECT Privilege Extraction Vulnerability

Cylance CylancePROTECT is a suite of endpoint security protection software from Cylance USA. The software is capable of preventing ransomware, malware, and other attacks. A security vulnerability exists in Cylance CylancePROTECT versions prior to 1470, which stems from a user having...

CVSS 7.8 · AI score 6.7 · EPSS 0.00056
Exploits 1 · References 1

CVE
added 2018/04/05 9:0 p.m. · 63 views

CVE-2017-14468

CVE-2017-14468 is an improper access control vulnerability affecting the Allen-Bradley MicroLogix 1400 Series B FRN 21.2 and earlier. The flaw resides in the data, program, and function file permissions, allowing unauthenticated packets to trigger reads/writes that disclose sensitive information,...

CVSS 10 · AI score 9.2 · EPSS 0.42565
Exploits 1 · References 1 · Affected Software 1

OSV
added 2017/11/09 9:29 p.m. · 0 views

CVE-2017-16757

Hola VPN 1.34 has weak permissions Everyone:F under %PROGRAMFILES%, which allows local users to gain privileges via a Trojan horse 7za.exe or hola.exe file...

CVSS 7.8 · AI score 5.8
Exploits 0 · References 2