Lucene search
+L

91 matches found

Vulnrichment
Vulnrichment
added 2023/10/19 12:0 a.m.11 views

CVE-2023-45883

A privilege escalation vulnerability exists within the Qumu Multicast Extension v2 before 2.0.63 for Windows. When a standard user triggers a repair of the software, a pop-up window opens with SYSTEM privileges. Standard users may use this to gain arbitrary code execution as SYSTEM...

8.1AI score0.00168EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/10/19 12:0 a.m.5 views

PT-2023-29744 · Qumu · Qumu Multicast Extension V2

Name of the Vulnerable Software and Affected Versions: Qumu Multicast Extension v2 versions prior to 2.0.63 Description: A privilege escalation issue exists within the Qumu Multicast Extension v2 for Windows. When a standard user triggers a repair of the software, a pop-up window opens with SYSTE...

7.8CVSS8.4AI score0.00168EPSS
Exploits0References8
CNNVD
CNNVD
added 2023/10/19 12:0 a.m.6 views

Vidyo Qumu Multicast Extension Security Vulnerability

Vidyo Qumu Multicast Extension is a multicast extension from Vidyo USA. A security vulnerability exists in Vidyo Qumu Multicast Extension version 2.0.63, which originates from a pop-up window that opens with system privileges when a software fix is triggered by a standard user...

7.8CVSS6.8AI score0.00168EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/10/10 12:0 a.m.14 views

PT-2023-7092 · Lenovo +1 · Lenovo Preloaded Devices +1

Name of the Vulnerable Software and Affected Versions: Lenovo preloaded devices affected versions not specified Description: A privilege escalation issue was reported due to incorrect default privileges in Lenovo preloaded devices deployed using Microsoft AutoPilot under a standard user account...

7.8CVSS7.6AI score0.00196EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/08/01 12:0 a.m.45 views

Citrix Secure Access < 23.5.1.3 Privilege Escalation (CTX561480)

A privilege escalation vulnerability has been discovered in the Citrix Secure Access client for Windows which, if exploited, could allow an attacker with access to an endpoint with Standard User Account that has the vulnerable client installed to escalate their local privileges to that of NT...

7.8CVSS7AI score0.00202EPSS
Exploits0References2
OSV
OSV
added 2023/07/25 1:15 a.m.5 views

CVE-2023-32232

An issue was discovered in Vasion PrinterLogic Client for Windows before 25.0.0.836. During client installation and repair, a PrinterLogic binary is called by the installer to configure the device. This window is not hidden, and is running with elevated privileges. A standard user can break out o...

9.9CVSS6.3AI score0.00835EPSS
Exploits0References3
NVD
NVD
added 2023/07/11 10:15 p.m.33 views

CVE-2023-24491

A vulnerability has been discovered in the Citrix Secure Access client for Windows which, if exploited, could allow an attacker with access to an endpoint with Standard User Account that has the vulnerable client installed to escalate their local privileges to that of NT AUTHORITY\SYSTEM...

7.8CVSS7.6AI score0.00202EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/07/11 12:0 a.m.9 views

Citrix Systems Secure Access 安全漏洞

Citrix Systems Secure Access is a secure access solution from Citrix Systems, Inc. A security vulnerability exists in Citrix Systems Secure Access versions prior to 23.5.1.3 that originates from the installation of a standard user account access endpoint from a vulnerable client that can escalate...

7.8CVSS7.8AI score0.00202EPSS
Exploits0References3
NVD
NVD
added 2023/04/04 4:15 p.m.30 views

CVE-2022-48222

An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During SDK installation, certutil.exe is called by the Acuant installer to install certificates. This window is not hidden, and is running with elevated privileges. A standard user can break out of this window, obtaining a full...

7.8CVSS7.9AI score0.00135EPSS
Exploits0References2
OSV
OSV
added 2023/04/04 3:15 p.m.6 views

CVE-2022-48221

An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. Multiple MSI's get executed out of a standard-user writable directory. Through a race condition and OpLock manipulation, these files can be overwritten by a standard user. They then get executed by the elevated installer. This give...

7.5CVSS6.1AI score0.00507EPSS
Exploits0References2
NVD
NVD
added 2023/04/04 3:15 p.m.15 views

CVE-2022-48221

An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. Multiple MSI's get executed out of a standard-user writable directory. Through a race condition and OpLock manipulation, these files can be overwritten by a standard user. They then get executed by the elevated installer. This give...

7.5CVSS7.8AI score0.00507EPSS
Exploits0References2
Prion
Prion
added 2023/04/04 3:15 p.m.19 views

Race condition

An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. Multiple MSI's get executed out of a standard-user writable directory. Through a race condition and OpLock manipulation, these files can be overwritten by a standard user. They then get executed by the elevated installer. This give...

4.6CVSS7.8AI score0.00507EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/04/04 12:0 a.m.4 views

Acuant AcuFill SDK 竞争条件问题漏洞

Acuant AcuFill SDK is a data capture technology from the American company Acuant. All major data fields can be extracted from a document. A security vulnerability exists in Acuant AcuFill SDK that originates from multiple MSIs executing from a standard user writable directory. These files can be...

7.5CVSS7.3AI score0.00507EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/04/04 12:0 a.m.5 views

PT-2023-15618 · Acuant · Acuant Acufill Sdk

Name of the Vulnerable Software and Affected Versions: Acuant AcuFill SDK versions prior to 10.22.02.03 Description: The issue allows a standard user to elevate privileges to full SYSTEM code execution. This is achieved through a race condition and OpLock manipulation, enabling a standard user to...

7.5CVSS7.7AI score0.00507EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/04/04 12:0 a.m.10 views

PT-2023-15623 · Acuant · Acuant Acufill Sdk

Name of the Vulnerable Software and Affected Versions: Acuant AcuFill SDK versions prior to 10.22.02.03 Description: An issue was discovered in the Acuant AcuFill SDK. During installation, an executable file gets executed out of the C:WindowsTemp directory. A standard user can create the path fil...

8.4CVSS7.7AI score0.00182EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/04/04 12:0 a.m.7 views

CVE-2022-48221

An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. Multiple MSI's get executed out of a standard-user writable directory. Through a race condition and OpLock manipulation, these files can be overwritten by a standard user. They then get executed by the elevated installer. This give...

7.4AI score0.00507EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/02/16 12:0 a.m.9 views

Citrix Workspace App 安全漏洞

Citrix Systems Citrix Workspace App formerly known as Receiver is an application used to provide secure access to applications, desktops, and data from Citrix Systems, Inc. A security vulnerability exists in the Citrix Workspace App that originates from allowing a standard user to perform...

7.8CVSS8.2AI score0.00219EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/02/15 12:0 a.m.9 views

CVE-2023-25011

PC settings tool Ver10.1.26.0 and earlier, PC settings tool Ver11.0.22.0 and earlier allows a attacker to write to the registry as administrator privileges with standard user privileges...

6.8AI score0.00165EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/02/15 12:0 a.m.33 views

CVE-2023-25011

PC settings tool Ver10.1.26.0 and earlier, PC settings tool Ver11.0.22.0 and earlier allows a attacker to write to the registry as administrator privileges with standard user privileges...

7.8AI score0.00165EPSS
Exploits0References1
NVD
NVD
added 2022/05/18 4:15 p.m.10 views

CVE-2021-42851

A vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an unauthenticated user to create a standard user account...

6.3CVSS0.00557EPSS
Exploits0References1
Rows per page
Query Builder