94 matches found
KB5094042: Windows Server 2012 Security Update (June 2026)
The remote Windows host is missing security update 5094042. It is, therefore, affected by multiple vulnerabilities - Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network. CVE-2026-47291 - Heap-based buffer overflow in Remote Desktop...
CVE-2026-0539
Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NT\SYSTEM privileges on boot. This issue affects all...
PT-2026-45256
In geniezone, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID: MSV-6786...
Ivanti Secure Access Client 22.x < 22.8R6 Multiple Vulnerabilities
The Ivanti Secure Access Client installed on the remote host is 22.x prior to 22.8R6. It is, therefore, affected by multiple vulnerabilities: - An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify...
EUVD-2020-31224
IObit Uninstaller 9.5.0.15 contains an unquoted service path vulnerability in the IObitUnSvr service that allows local attackers to escalate privileges to SYSTEM level. Attackers can place a malicious executable named IObit.exe in the C:\Program Files x86\IObit directory and restart the service t...
CVE-2026-34458
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, an INI injection vulnerability allows any standard local user to bypass configuration restrictions EditAdminOnly and ConfigPassword and inject arbitrary directives into the global...
CVE-2026-34458
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, an INI injection vulnerability allows any standard local user to bypass configuration restrictions EditAdminOnly and ConfigPassword and inject arbitrary directives into the global...
Sandboxie-Plus 安全漏洞
Sandboxie-Plus is a sandbox isolation software developed by Sandboxie-Plus Inc. Versions of Sandboxie-Plus 1.17.2 and earlier contain security vulnerabilities. These vulnerabilities stem from the GetRawInputDeviceInfoSlave handler in the SbieSvc proxy service, which has issues with information...
CVE-2026-7791
Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service in Amazon WorkSpaces for Windows before 2.6.2034.0 allows a local non-admin authenticated user to place arbitrary files into arbitrary locations bypassing file system permission protections, leadi...
CVE-2016-20057 NETGATE Registry Cleaner build 16.0.205 Unquoted Service Path Privilege Escalation
NETGATE Registry Cleaner build 16.0.205 contains an unquoted service path vulnerability in the NGRegClnSrv service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the unquoted path and trigger service restart ...
EUVD-2026-17917
Lakeside SysTrack Agent 11 before 11.2.1.28 has a race condition with resultant Local Privilege Escalation to SYSTEM...
PT-2026-29546
Lakeside SysTrack Agent 11 before 11.5.0.15 has a race condition with resultant Local Privilege Escalation to SYSTEM. The fixed versions are 11.2.1.28, 11.3.0.38, 11.4.0.24, and 11.5.0.15...
CVE-2025-68623
In Microsoft DirectX End-User Runtime Web Installer 9.29.1974.0, a low-privilege user can replace an executable file during the installation process, which may result in unintended elevation of privileges. During installation, the installer runs with HIGH integrity and downloads executables and...
CVE-2026-1878
An Insufficient Integrity Verification vulnerability in the ASUS ROG peripheral driver installation process allows privilege escalation to SYSTEM. The vulnerability is due to improper access control on the installation directory, which enables the exploitation of a race condition where the...
EUVD-2025-208593
In Microsoft DirectX End-User Runtime Web Installer 9.29.1974.0, a low-privilege user can replace an executable file during the installation process, which may result in unintended elevation of privileges. During installation, the installer runs with HIGH integrity and downloads executables and...
PT-2026-24724
In Microsoft DirectX End-User Runtime Web Installer 9.29.1974.0, a low-privilege user can replace an executable file during the installation process, which may result in unintended elevation of privileges. During installation, the installer runs with HIGH integrity and downloads executables and...
CVE-2025-68623
In Microsoft DirectX End-User Runtime Web Installer 9.29.1974.0, a low-privilege user can replace an executable file during the installation process, which may result in unintended elevation of privileges. During installation, the installer runs with HIGH integrity and downloads executables and...
CVE-2026-20426
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5538...
PT-2026-20261
Name of the Vulnerable Software and Affected Versions Malwarebytes AdwCleaner versions prior to 8.7.0 Description The application runs with Administrator privileges and performs an insecure log file deletion. The target location for deletion is controllable by the user. This allows a...
PT-2026-5294
10-Strike Bandwidth Monitor 3.9 contains an unquoted service path vulnerability in multiple services that allows local attackers to escalate privileges. Attackers can place a malicious executable in specific file path locations to achieve privilege escalation to SYSTEM during service startup...