CVE-2026-9489

NitroSense 3.x before 3.01.3052 contains Local Privilege Escalation LPE vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing any authenticated local user to execute arbitrary code with ...

CVE-2026-9489

NitroSense V3 (affected versions prior to 3.01.3052) contains a Local Privilege Escalation due to a misconfigured Windows Named Pipe that uses a custom protocol to invoke internal functions. The misconfiguration allows any authenticated local user to execute arbitrary code with NT AUTHORITY\SYSTE...

EUVD-2026-28533

PredatorSense version 3.00.3136 to 3.00.3196 contain Local Privilege Escalation LPE vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing any authenticated local user to execute arbitrar...

EUVD-2026-26663

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable subsequent exploit on the...

PT-2026-23127

Name of the Vulnerable Software and Affected Versions UPS Multi-UPS Management Console MUMC version 01.06.0001 A03 Description The UPS Multi-UPS Management Console MUMC version 01.06.0001 A03 has an issue related to incorrect default permissions. This allows an attacker to execute arbitrary code...

CVE-2026-0870

CVE-2026-0870 pertains to MacroHub by GIGABYTE, describing a Local Privilege Escalation. The vulnerability arises because MacroHub launches external applications with improper privileges, enabling an authenticated local attacker to execute arbitrary code with SYSTEM privileges. Affected component...

10-Strike Bandwidth Monitor code issue vulnerability

10-Strike Bandwidth Monitor is a network bandwidth monitoring and traffic analysis tool developed by the American company 10-Strike. Version 3.9 of 10-Strike Bandwidth Monitor has a code vulnerability; this vulnerability arises from multiple service paths not being enclosed in quotes, which may...

CVE-2025-34333 AudioCodes Fax/IVR Appliance <= 2.6.23 World-Writable Webroot LPE

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 configure the web document root at C:\F2MAdmin\F2E with overly permissive file system permissions. Authenticated local users have modify rights on this directory, while the associated web server process...

Sony Optical Disc Archive Software 代码问题漏洞

Sony Optical Disc Archive Software is a system for long-term archiving and data storage from Sony Corporation of Japan. A code issue vulnerability exists in Sony Optical Disc Archive Software that originates from a Windows service registering unquoted file paths, which could cause a user with wri...

CVE-2025-0320

Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Secure Access Client for Windows...

PT-2025-5802

Name of the Vulnerable Software and Affected Versions: Defense Platform Home Edition versions 3.9.51.x and earlier Description: The issue allows an attacker to obtain SYSTEM privilege of the Windows system where the product is running by performing a specific operation. This is due to an executio...

Humming Heads Defense Platform 安全漏洞

Humming Heads Defense Platform is a network security software from Humming Heads, Inc. A security vulnerability exists in Humming Heads Defense Platform Ver.3.9.51.x and prior versions that originated from a vulnerability that allows an attacker to send a specially crafted message to modify syste...

PT-2025-3424 · Bioware · Dragon Age Origins

Name of the Vulnerable Software and Affected Versions: Dragon Age Origins version 1.05 Description: The DAUpdaterSVC service in Dragon Age Origins contains an unquoted service path issue, allowing users to modify the executable file path used by the service. This service runs with NT...

Siemens SINEMA Remote Connect 命令注入漏洞

SINEMA Remote Connect is a management platform for remote networks that makes it simple to manage tunneled connections VPN between headquarters, service technicians and installed machines or plants. A command injection vulnerability exists in the Siemens SINEMA Remote Connect Client, which can be...

1E Platform Security Vulnerability

1E Platform is a terminal endpoint management and automation solution from 1E. A security vulnerability exists in prior versions of 1E Platform-Exchange Product Pack-End-User Interaction 23 that stems from not properly validating the Caption or Message parameters, allowing an attacker to execute...

CVE-2023-33227

The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability This vulnerability allows a low level user to perform the actions with SYSTEM privileges...

CVE-2022-29483

Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine...

AppDynamics.NET Agent for Windows 安全漏洞

AppDynamics.NET Agent for Windows is intended to be used if you want to monitor IIS applications, Windows services, or standalone applications. A security vulnerability exists in AppDynamics.NET Agent for Windows versions prior to 21.7, which originates from the .NET Agent Coordinator service...

Microsoft Windows Print Spooler Components 缓冲区错误漏洞

Microsoft Windows Print Spooler is a print backend processor component of Microsoft Corporation USA.A remote code execution vulnerability exists in Microsoft Windows Print Spooler, which can be exploited by attackers to run arbitrary code with SYSTEM privileges...

CVE-2020-10143

Macrium Reflect includes an OpenSSL component that specifies an OPENSSLDIR variable as C:\openssl. Macrium Reflect contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system root, a user can create the appropriate...