82 matches found
CVE-2024-12388 Regular Expression Denial of Service (ReDoS) in binary-husky/gpt_academic
A vulnerability in binary-husky/gpt_academic version 310122f allows for a Regular Expression Denial of Service (ReDoS) attack. The application uses a regular expression to parse user input, which can take polynomial time to match certain crafted inputs. This allows an attacker to send a small...
Linux Distros Unpatched Vulnerability : CVE-2017-15025
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial ...
Linux Distros Unpatched Vulnerability : CVE-2018-20002
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak vi...
PT-2025-2436 · Wazuh +1 · Wazuh +1
Name of the Vulnerable Software and Affected Versions: Wazuh versions prior to 4.9.0. Description: The issue is related to improper access control in the Wazuh agent for Windows, allowing a local malicious user to potentially exploit this vulnerability by placing a specially crafted DLL file in th...
CVE-2024-50593
An attacker with local access to the medical office computer can access restricted functions of the Elefant Service tool by using a hard-coded "Hotline" password in the Elefant service binary, which is shipped with the software...
CVE-2024-50593
CVE-2024-50593 affects the Elefant Service tool; a local attacker can access restricted functions via a hard-coded "Hotline" password embedded in the Elefant service binary, which is shipped with the software. The affected component is the Elefant Service binary used by HASOMED Elefant. The root caus...
HASOMED Elefant Security Vulnerability
HASOMED Elefant is an exercise software from the German company HASOMED. It specializes in meeting the needs of psychotherapists, child and adolescent psychotherapists, and medical psychotherapists. HASOMED Elefant has a security vulnerability. An attacker with local access to a medical office...
CVE-2024-0259
Fortra's Robot Schedule Enterprise Agent for Windows prior to version 3.04 is susceptible to privilege escalation. A low-privileged user can overwrite the service executable. When the service is restarted, the replaced binary runs with local system privileges, allowing a low-privileged user to ga...
PT-2024-15419 · Fortra · Robot Schedule Enterprise Agent
Name of the Vulnerable Software and Affected Versions: Fortra's Robot Schedule Enterprise Agent for Windows versions prior to 3.04. Description: The issue allows a low-privileged user to overwrite the service executable. When the service is restarted, the replaced binary runs with local system...
SUSE CVE-2009-2564
NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlusHelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to...
CVE-2022-47632
Razer Synapse before 3.7.0830.081906 allows privilege escalation due to an unsafe installation path, improper privilege management, and improper certificate validation. Attackers can place malicious DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed a...
CVE-2022-3263
The security descriptor of Measuresoft ScadaPro Server version 6.7 has inconsistent permissions, which could allow a local user with limited privileges to modify the service binary path and start malicious commands with SYSTEM privileges...
CVE-2022-3263 Measuresoft ScadaPro Server Improper Access Control
The security descriptor of Measuresoft ScadaPro Server version 6.7 has inconsistent permissions, which could allow a local user with limited privileges to modify the service binary path and start malicious commands with SYSTEM privileges...
CVE-2021-30490
upsMonitor in ViewPower (aka ViewPowerHTML) 1.04-21012 through 1.04-21353 has insecure permissions for the service binary that enable an Authenticated User to modify files, allowing for privilege escalation...
Privilege escalation
upsMonitor in ViewPower (aka ViewPowerHTML) 1.04-21012 through 1.04-21353 has insecure permissions for the service binary that enable an Authenticated User to modify files, allowing for privilege escalation...
PT-2022-10017 · Viewpower · Upsmonitor
Name of the Vulnerable Software and Affected Versions: upsMonitor in ViewPower (aka ViewPowerHTML) versions 1.04-21012 through 1.04-21353. Description: The issue is related to insecure permissions for the service binary, allowing an authenticated user to modify files and enabling privilege escalatio...
ViewPower Security Vulnerability
ViewPower is an advanced UPS management software from ViewPower. A security vulnerability exists in ViewPower upsMonitor versions 1.04-21012 through 1.04-21353, which arises from insecure permissions on the service binary file, allowing an authenticated user to modify the file to allow...
CVE-2022-31464
Insecure permissions configuration in Adaware Protect v1.2.439.4251 allows attackers to escalate privileges via changing the service binary path...