PT-2024-38193 · Avast · Avast Free Antivirus

Name of the Vulnerable Software and Affected Versions: Avast Free Antivirus affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations of Avast Free Antivirus. An attacker must first obtain the ability to execute low-privileged...

PT-2024-25789 · Entrust Datacard · Entrust Datacard Xps Card Printer Driver

Name of the Vulnerable Software and Affected Versions: Entrust Datacard XPS Card Printer Driver versions 8.5 and earlier without the dxp1-patch-E24-004 patch Entrust Datacard XPS Card Printer Driver versions 8.4 and earlier Description: The issue is related to insecure permissions in the Entrust...

CVE-2024-5292

D-Link Network Assistant Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of D-Link Network Assistant. An attacker must first obtain the ability to execute low-privileged code on t...

D-Link Network Assistant 安全漏洞

D-Link Network Assistant is a network assistant from China's Youxun D-Link. A security vulnerability exists in D-Link Network Assistant version 4.0.0.21 and earlier, which stems from a local privilege escalation vulnerability that could allow an attacker to elevate privileges and execute arbitrar...

CVE-2023-51636

Avira Prime Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

CVE-2023-51579

Voltronic Power ViewPower Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower. An attacker must first obtain the ability to execute low-privileged code on...

CVE-2023-50197

Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. An attacker must first obtain the ability to execute low-privileged code on the...

CVE-2023-42099

Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. An attacker must first obtain the ability to execute low-privileged code on the...

CVE-2023-32178

VIPRE Antivirus Plus TelFileTransfer Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to execute low-privileged code on the target...

CVE-2023-32175

VIPRE Antivirus Plus Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to execute low-privileged code on the target system in order ...

CVE-2023-32176

VIPRE Antivirus Plus SetPrivateConfig Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to execute low-privileged code on the...

CVE-2023-32175

VIPRE Antivirus Plus Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to execute low-privileged code on the target system in order ...

CVE-2023-32177

VIPRE Antivirus Plus DeleteHistoryFile Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to execute low-privileged code on the...

Voltronic Power ViewPower 安全漏洞

Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. Voltronic Power ViewPower suffers from an elevation of privilege vulnerability that is caused by incorrect permissions being set on a folder. An attacker could use this vulnerability to escalate...

Voltronic Power ViewPower 安全漏洞

Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. An elevation of privilege vulnerability exists in Voltronic Power ViewPower, which can be exploited by an attacker to escalate privileges and execute arbitrary code in the SYSTEM context...

CVE-2023-7016

A flaw in Thales SafeNet Authentication Client prior to 10.8 R10 on Windows allows an attacker to execute code at a SYSTEM level via local access...

PT-2023-30230 · Videolan · Vlc Media Player

Name of the Vulnerable Software and Affected Versions: VideoLAN VLC media player versions prior to 3.0.19 Description: A binary hijacking issue exists where the uninstaller attempts to execute code with elevated privileges from a location writable by standard users. This can be exploited by...

Code injection

Honeywell ProWatch, 4.5, including all Service Pack versions, contain a Vulnerability in Application Server's executable folders. An attacker could potentially exploit this vulnerability, leading to a standard user to have arbitrary system code execution. Honeywell recommends updating to the most...

CVE-2023-6179 Incorrect Permission assignment to program executable folders

Honeywell ProWatch, 4.5, including all Service Pack versions, contain a Vulnerability in Application Server's executable folders. An attacker could potentially exploit this vulnerability, leading to a standard user to have arbitrary system code execution. Honeywell recommends updating to the most...

CVE-2023-45163

The 1E-Exchange-CommandLinePing instruction that is part of the Network product pack available on the 1E Exchange does not properly validate the input parameter, which allows for a specially crafted input to perform arbitrary code execution with SYSTEM permissions. This instruction only runs on...