CVE-2022-45093

A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 1. An authenticated remote attacker with access to the Web Based Management 443/tcp of the affected product as well as with access to the SFTP server of the affected product 22/tcp, could potentially read and write...

Bitdefender Antivirus Free 代码问题漏洞

Bitdefender Antivirus Free is a free version of a suite of antivirus software from the Romanian company Bitdefender that primarily provides cyber threat detection and ransomware protection. Bitdefender Antivirus Free 2020 suffers from a code issue vulnerability that stems from an untrusted search...

CVE-2024-13043

Panda Security Dome Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-privileged code on the target system in order to...

Wacom Center 后置链接漏洞

Wacom Center is a driver from Wacom USA. A backlink vulnerability exists in Wacom Center that stems from the presence of a local elevation of privilege vulnerability that allows a local attacker to elevate privileges and execute arbitrary code in the SYSTEM context...

CVE-2024-11872

Epic Games Launcher Incorrect Default Permissions Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Epic Games Launcher. An attacker must first obtain the ability to execute low-privileged code on the target...

PT-2024-17650 · Wacom · Wacom Center

Name of the Vulnerable Software and Affected Versions: Wacom Center affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations of Wacom Center. An attacker must first obtain the ability to execute low-privileged code on the targ...

CVE-2024-9244

Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the...

CVE-2024-7234

AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in ord...

CVE-2024-7237

AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in ord...

CVE-2024-6871

G DATA Total Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged code on the targ...

CVE-2024-1867

G DATA Total Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged code on the target system in orde...

CVE-2024-30377

G DATA Total Security Scan Server Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged code on the target...

Panda Security Dome 后置链接漏洞

Panda Security Dome is an antivirus product for ransomware and spyware from Spanish company Panda Security. Panda Security Dome suffers from a back-linking vulnerability that originates from the link-following mechanism in the PSANHost service, which could allow a local attacker to create arbitra...

G DATA Software Total Security 后置链接漏洞

G Data G DATA Software Total Security is a suite of antivirus software from the German company G Data. The software is anti-phishing, anti-virus and anti-spam. G DATA Software Total Security suffers from a backlink vulnerability that originates from allowing a local attacker to overwrite a file b...

G DATA Software Total Security 后置链接漏洞

G Data G DATA Software Total Security is a suite of antivirus software from the German company G Data. The software is anti-phishing, anti-virus and anti-spam. G DATA Software Total Security suffers from a backlink vulnerability that originates from allowing a local attacker to delete files by...

VIPRE Advanced Security 后置链接漏洞

VIPRE Advanced Security is an antivirus security software from VIPRE Corporation. VIPRE Advanced Security suffers from a backlink vulnerability that stems from improper handling of symbolic links, which could allow a local attacker to elevate privileges on an affected installation and execute...

Rapid7 Velociraptor MSI Installer 安全漏洞

Rapid7 Velociraptor MSI Installer is a unique, advanced, open source endpoint monitoring, digital forensics, and cyber response platform from Rapid7 USA. A security vulnerability exists in Rapid7 Velociraptor MSI Installer prior to version 0.73.3 that originates from the execution of arbitrary co...

CVE-2024-27115

CVE-2024-27115 corresponds to an authenticated RCE in SOPlanning via PHP file upload. The nuclei template specifies exploitation of SOPlanning 1.52.01 through authenticated file upload, enabling an attacker to upload and execute PHP code. Remediation is to upgrade to a version newer than 1.52.01,...

Voltronic Power ViewPower elevation of privilege vulnerability (CNVD-2025-21588)

Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. An elevation of privilege vulnerability exists in Voltronic Power ViewPower, which can be exploited by an attacker to escalate privileges and execute arbitrary code in the SYSTEM context...

Voltronic Power ViewPower elevation of privilege vulnerability (CNVD-2025-21587)

Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. Voltronic Power ViewPower suffers from an elevation of privilege vulnerability that is caused by incorrect permissions being set on a folder. An attacker could use this vulnerability to escalate...