CVE-2022-31464

Insecure permissions configuration in Adaware Protect v1.2.439.4251 allows attackers to escalate privileges via changing the service binary path...

Path traversal

Insecure permissions configuration in Adaware Protect v1.2.439.4251 allows attackers to escalate privileges via changing the service binary path...

Adaware Protect 安全漏洞

Adaware Protect is a free antivirus program from Adaware Canada. It is used for online security to protect your entire computer from suspicious websites. A security vulnerability exists in Adaware Protect version v1.2.439.4251 that stems from an insecure privilege configuration that allows an...

CVE-2022-28005

An issue was discovered in the 3CX Phone System Management Console prior to version 18 Update 3 FINAL. An unauthenticated attacker could abuse improperly secured access to arbitrary files on the server via /Electron/download directory traversal in conjunction with a path component that uses...

PT-2022-18743 · 3Cx · 3Cx Phone System Management Console

Name of the Vulnerable Software and Affected Versions: 3CX Phone System Management Console versions prior to 18 Update 3 FINAL Description: An issue was discovered in the 3CX Phone System Management Console, where an unauthenticated attacker could abuse improperly secured access to arbitrary file...

CVE-2022-23583 `CHECK`-failures in binary ops in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that any binary op would trigger CHECK failures. This occurs when the protobuf part corresponding to the tensor arguments is modified such that the dtype no longer...

Microsoft OMI Service Detection

Binary data microsoftomiservicedetect.nbin...

OpenClinic GA installation privilege escalation vulnerability

Summary An incorrect default permissions vulnerability exists in the installation functionality of OpenClinic GA 5.173.3. Overwriting the binary can result in privilege escalation. An attacker can replace a file to exploit this vulnerability. Tested Versions OpenClinic GA 5.173.3 Product URLs...

JerryScript has a binary vulnerability (CNVD-2021-25982)

JerryScript is a lightweight JavaScript engine . A binary vulnerability exists in JerryScript, which can be exploited by attackers to cause a denial of service...

JerryScript has a binary vulnerability (CNVD-2021-25984)

JerryScript is a lightweight JavaScript engine . A binary vulnerability exists in JerryScript, which can be exploited by attackers to cause a denial of service...

CVE-2020-13542

A local privilege elevation vulnerability exists in the file system permissions of LogicalDoc 8.5.1 installation. Depending on the vector chosen, an attacker can either replace the service binary or replace DLL files loaded by the service, both which get executed by a service thus executing...

CVE-2020-13542

A local privilege elevation vulnerability exists in the file system permissions of LogicalDoc 8.5.1 installation. Depending on the vector chosen, an attacker can either replace the service binary or replace DLL files loaded by the service, both which get executed by a service thus executing...

CVE-2019-19741

Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service verifies the client's...

CVE-2019-19741

Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service verifies the client's...

Design/Logic Flaw

Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service verifies the client's...

CVE-2012-4761

A Privilege Escalation vulnerability exists in the unquoted Service Binary in SDPAgent or SDBAgent in Safend Data Protector Agent 3.4.5586.9772, which could let a local malicious user obtain privileges...

Privilege escalation

A Privilege Escalation vulnerability exists in the unquoted Service Binary in SDPAgent or SDBAgent in Safend Data Protector Agent 3.4.5586.9772, which could let a local malicious user obtain privileges...

CVE-2012-4761

Summary: CVE-2012-4761 affects Safend Data Protector Agent 3.4.5586.9772. The vulnerability arises from an unquoted Service Binary for SDPAgent/SDBAgent, enabling a local attacker to escalate privileges. What’s vulnerable: the Windows service path containing spaces (SDBAgent.exe/SDPAgent.exe) and...

CVE-2012-4761

A Privilege Escalation vulnerability exists in the unquoted Service Binary in SDPAgent or SDBAgent in Safend Data Protector Agent 3.4.5586.9772, which could let a local malicious user obtain privileges...

NextVPN v4.10 - Insecure File Permissions

NextVPN v4.10 - Insecure File Permissions Exploit Title: NextVPN v4.10 - Insecure File Permissions Date: 2019-12-23 Exploit Author: SajjadBnd Contact: [email protected] Vendor Homepage: https://vm3max.site Software Link:http://dl.spacevm.com/NextVPNSetup-v4.10.exe Version: 4.10 Tested on: Win10...