126 matches found
CVE-2025-6759
Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Windows Virtual Delivery Agent for CVAD and Citrix DaaS...
CVE-2025-6759
Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Windows Virtual Delivery Agent for CVAD and Citrix DaaS...
TeamViewer Remote Full Client (Windows) < 11.0.259324 / 12.x < 12.0.259325 / 13.x < 13.2.36227 / 14.x < 14.7.48809 / 15.x < 15.64.5 / 15.65.x < 15.67 Privilege Escalation (TV-2025-1002)
The version of TeamViewer Remote Full Client installed on the remote Windows host is prior to 11.0.259324, 12.x prior to 12.0.259325, 13.x prior to 13.2.36227, 14.x prior to 14.7.48809, 15.x prior to 15.64.5, or 15.65.x prior to 15.67. It is, therefore, affected by a privilege escalation...
Tenable Agent 安全漏洞
Tenable Agent is a vulnerability scanning program from Tenable USA. Tenable Agent has an elevation of privilege vulnerability, which originates from a non-administrative user deleting arbitrary local system files with SYSTEM privileges, and can be exploited by an attacker to tamper with the syste...
CVE-2023-20768
In ion, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560720; Issue ID: ALPS07559800...
CVE-2023-20724
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07843845; Issue ID: ALPS07843841...
CVE-2023-20673
In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519103...
CVE-2023-20621
In tinysys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664755; Issue ID: ALPS07664755...
CVE-2023-20608
In display drm, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363599; Issue ID: ALPS07363599...
CVE-2022-43722
A vulnerability has been identified in SICAM PAS/PQS All versions V7.0. Affected software does not properly secure a folder containing library files. This could allow an attacker to place a custom malicious DLL in this folder which is then run with SYSTEM rights when a service is started that...
CVE-2021-37364
OpenClinic GA 5.194.18 is affected by Insecure Permissions. By default the Authenticated Users group has the modify permission to openclinic folders/files. A low privilege account is able to rename mysqld.exe or tomcat8.exe files located in bin folders and replace with a malicious file that would...
CVE-2020-10515
STARFACE UCC Client before 6.7.1.204 on WIndows allows binary planting to execute code with System rights, aka usd-2020-0006...
CVE-1999-0534
A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single...
VIPRE Advanced Security 后置链接漏洞
VIPRE Advanced Security is an antivirus security software from VIPRE Corporation. VIPRE Advanced Security suffers from a back-link vulnerability that originates from a vulnerability that could allow a local attacker to elevate privileges on an affected installation and execute arbitrary code in a...
HASOMED Elefant 安全漏洞
HASOMED Elefant is an exercise software from the German company HASOMED. It specializes in meeting the needs of psychotherapists, child and adolescent psychotherapists, and medical psychotherapists. HASOMED Elefant has a security vulnerability. An attacker with local access to a medical office...
CVE-2024-20106
In m4u, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08960505; Issue ID: MSV-1590...
CVE-2024-20095
In m4u, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08996894; Issue ID: MSV-1636...
CVE-2024-7889
Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows...
The vulnerability of the Ivanti Secure Access Client (formerly Pulse Secure Desktop Client) for corporate networks’ VPN servers in Windows operating systems stems from an operation that goes beyond the buffer in memory, allowing a malicious actor to execute arbitrary code with SYSTEM privileges.
The vulnerability of the Ivanti Secure Access Client formerly Pulse Secure Desktop Client for corporate networks’ VPN servers on Windows operating systems is related to the execution of commands outside of the buffer in memory. Exploiting this vulnerability could allow a malicious actor to execut...
PT-2024-18547 · Mediatek +1 · Mt6580 +24
Name of the Vulnerable Software and Affected Versions: In da affected versions not specified Description: The issue is related to a possible escalation of privilege due to an incorrect status check. This could lead to local escalation of privilege with System execution privileges needed. User...