884 matches found
CVE-2019-18670
In the Quick Access Service QAAdminAgent.exe in Acer Quick Access V2.01.3000 through 2.01.3027 and V3.00.3000 through V3.00.3008, a REGULAR user can load an arbitrary unsigned DLL into the signed service's process, which is running as NT AUTHORITY\SYSTEM. This is a DLL Hijacking vulnerability...
CVE-2024-34474
Clario through 2024-04-11 for Desktop has weak permissions for %PROGRAMDATA%\Clario and tries to load DLLs from there as SYSTEM...
CVE-2019-16752
An issue was discovered in Decentralized Anonymous Payment System DAPS through 2019-08-26. It is possible to force wallets to send HTTP requests to arbitrary locations, both on the local network and on the internet. This is a serious threat to user privacy, since it can possibly leak their IP...
PT-2026-7845
Name of the Vulnerable Software and Affected Versions PostgreSQL versions prior to 18.2 PostgreSQL versions prior to 17.8 PostgreSQL versions prior to 16.12 PostgreSQL versions prior to 15.16 PostgreSQL versions prior to 14.21 Description A heap buffer overflow in the pgcrypto component allows a...
PT-2026-7846
PostgreSQL and Affected Versions PostgreSQL versions prior to 18.3 PostgreSQL versions prior to 17.9 PostgreSQL versions prior to 16.13 PostgreSQL versions prior to 15.17 PostgreSQL versions prior to 14.22 PostgreSQL version 9.3 Description PostgreSQL is susceptible to a buffer overrun due to...
PT-2026-7844
Name of the Vulnerable Software and Affected Versions PostgreSQL versions prior to 18.2 PostgreSQL versions prior to 17.8 PostgreSQL versions prior to 16.12 PostgreSQL versions prior to 15.16 PostgreSQL versions prior to 14.21 Description A lack of input type validation within the selectivity...
CVE-2025-46174
Ruoyi v4.8.0 vulnerable to Incorrect Access Control. There is a missing checkUserDataScope permission check in the resetPwd Method of SysUserController.java...
CVE-2025-46174
CVE-2025-46174 affects Ruoyi v4.8.0. The issue is an Incorrect Access Control due to a missing checkUserDataScope permission check in the resetPwd method of SysUserController.java. This could allow unauthorized password resets without proper data-scope validation, enabling potential privilege esc...
CVE-2025-37735
Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service running as SYSTEM. In some cases, this could result in local privilege escalation...
EUVD-2025-36972
A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system user account used for SSH access to potentially escalate privileges to root during service...
CVE-2025-10639 Usage of Hardcoded FTP Credentials EfficientLab WorkExaminer Professional
The WorkExaminer Professional server installation comes with an FTP server that is used to receive the client logs on TCP port 12304. An attacker with network access to this port can use weak hardcoded credentials to login to the FTP server and modify or read data, log files and gain remote code...
CVE-2025-21058
CVE-2025-21058 affects SAMSUNG Mobile Routines, with improper access control in Routines versions prior to 4.8.7.1 (Android 15) and 4.9.6.0 (Android 16). This allows local attackers to potentially execute arbitrary code with SystemUI privileges . The issue is confirmed across multiple sources (RH...
CVE-2025-11341
A security flaw has been discovered in Jinher OA up to 2.0. This affects an unknown function of the file /c6/Jhsoft.Web.module/eformaspx/WebDesign.aspx/?type=SystemUserInfo=1. Performing manipulation results in xml external entity reference. Remote exploitation of the attack is possible. The...
EUVD-2021-18660
Malware in sbrugna...
EUVD-2016-1328
Malware in sbrugna...
EUVD-2018-2247
Malware in sbrugna...
EUVD-2018-6889
Malware in sbrugna...
EUVD-2019-6349
Malware in sbrugna...
EUVD-2019-4674
Malware in sbrugna...
EUVD-2019-19074
Malware in sbrugna...