CVE-2024-7234

AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in ord...

CVE-2024-7237

AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in ord...

CVE-2024-6871

G DATA Total Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged code on the targ...

CVE-2024-1867

G DATA Total Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged code on the target system in orde...

CVE-2024-30377

G DATA Total Security Scan Server Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged code on the target...

Panda Security Dome 后置链接漏洞

Panda Security Dome is an antivirus product for ransomware and spyware from Spanish company Panda Security. Panda Security Dome suffers from a back-linking vulnerability that originates from the link-following mechanism in the PSANHost service, which could allow a local attacker to create arbitra...

G DATA Software Total Security 后置链接漏洞

G Data G DATA Software Total Security is a suite of antivirus software from the German company G Data. The software is anti-phishing, anti-virus and anti-spam. G DATA Software Total Security suffers from a backlink vulnerability that originates from allowing a local attacker to overwrite a file b...

G DATA Software Total Security 后置链接漏洞

G Data G DATA Software Total Security is a suite of antivirus software from the German company G Data. The software is anti-phishing, anti-virus and anti-spam. G DATA Software Total Security suffers from a backlink vulnerability that originates from allowing a local attacker to delete files by...

VIPRE Advanced Security 后置链接漏洞

VIPRE Advanced Security is an antivirus security software from VIPRE Corporation. VIPRE Advanced Security suffers from a backlink vulnerability that stems from improper handling of symbolic links, which could allow a local attacker to elevate privileges on an affected installation and execute...

Rapid7 Velociraptor MSI Installer 安全漏洞

Rapid7 Velociraptor MSI Installer is a unique, advanced, open source endpoint monitoring, digital forensics, and cyber response platform from Rapid7 USA. A security vulnerability exists in Rapid7 Velociraptor MSI Installer prior to version 0.73.3 that originates from the execution of arbitrary co...

CVE-2024-27115

CVE-2024-27115 corresponds to an authenticated RCE in SOPlanning via PHP file upload. The nuclei template specifies exploitation of SOPlanning 1.52.01 through authenticated file upload, enabling an attacker to upload and execute PHP code. Remediation is to upgrade to a version newer than 1.52.01,...

Voltronic Power ViewPower elevation of privilege vulnerability (CNVD-2025-21588)

Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. An elevation of privilege vulnerability exists in Voltronic Power ViewPower, which can be exploited by an attacker to escalate privileges and execute arbitrary code in the SYSTEM context...

Voltronic Power ViewPower elevation of privilege vulnerability (CNVD-2025-21587)

Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. Voltronic Power ViewPower suffers from an elevation of privilege vulnerability that is caused by incorrect permissions being set on a folder. An attacker could use this vulnerability to escalate...

CVE-2024-7252

Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on th...

CVE-2024-7248

Comodo Internet Security Pro Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on the...

CVE-2024-7249

Comodo Firewall Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Firewall. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit...

Comodo Internet Security Pro 安全漏洞

Comodo Internet Security Pro is an Internet security suite from Comodo, USA. A security vulnerability exists in Comodo Internet Security Pro that stems from the presence of a Directory Traversal Local Elevation of Privilege vulnerability due to failure to properly validate user-supplied paths...

PT-2024-38193 · Avast · Avast Free Antivirus

Name of the Vulnerable Software and Affected Versions: Avast Free Antivirus affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations of Avast Free Antivirus. An attacker must first obtain the ability to execute low-privileged...

PT-2024-25789 · Entrust Datacard · Entrust Datacard Xps Card Printer Driver

Name of the Vulnerable Software and Affected Versions: Entrust Datacard XPS Card Printer Driver versions 8.5 and earlier without the dxp1-patch-E24-004 patch Entrust Datacard XPS Card Printer Driver versions 8.4 and earlier Description: The issue is related to insecure permissions in the Entrust...

ServiceNow Template Injection Vulnerability

ServiceNow is a cloud computing platform from US-based ServiceNow, Inc. to help companies manage the digital workflow of their business operations. ServiceNow has a template injection vulnerability, the vulnerability stems from the template is not strictly filtered, an attacker can use the...