PT-2026-40971

Name of the Vulnerable Software and Affected Versions Fleet versions prior to 4.81.0 Description A flaw in the software installer pipeline allows a crafted software package to execute arbitrary commands as root on macOS and Linux, or as SYSTEM on Windows, when an uninstall is triggered. When...

WordPress Gravity SMTP plugin <= 2.1.4 - Missing Authorization to Authenticated (Subscriber+) Plugin Uninstall vulnerability

Missing Authorization to Authenticated Subscriber+ Plugin Uninstall vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin Gravity SMTP versions = 2.1.4...

MajorDoMo 安全漏洞

MajorDoMo is an open-source DIY smart home automation platform developed by the MajorDoMo community. There is a security vulnerability in MajorDoMo. This vulnerability stems from the admin method in the market module, which reads grmode from $REQUEST and assigns it to $this-mode. As a result, all...

CVE-2024-3269

The Download Monitor plugin for WordPress is vulnerable to unauthorized access to functionality due to a missing capability check on the dlmuninstallplugin function in all versions up to, and including, 4.9.13. This makes it possible for authenticated attackers to uninstall the plugin and delete...

CrowdStrike Falcon AGENT 6.44.15806 - Uninstall without Installation Token Vulnerability

Exploit Title: CrowdStrike Falcon AGENT 6.44.15806 - Uninstall without Installation Token Exploit Author: Walter Oberacher, Raffaele Nacca, Davide Bianchin, Fortunato Lodari, Luca Bernardi Deda Cloud Cybersecurity Team Vendor Homepage: https://www.crowdstrike.com/ Author Homepage:...

McAfee Total Protection 安全漏洞

McAfee Total Protection MTP is a suite of antivirus software from McAfee, Inc. in the United States. A security vulnerability exists in McAfee Total Protection prior to version 16.0.51, which originated from a vulnerability that allows an attacker to trick a victim into uninstalling an applicatio...

OMGF < 4.5.12 - Admin+ Arbitrary Folder Deletion via Path Traversal

The plugin does not validate the cache directory setting, allowing high privilege users to use a path traversal vector and delete arbitrary folders when uninstalling the plugin PoC As admin, put the following payload in the "Fonts Cache Directory" setting of the plugin: ../wp-includes, tick the...

PT-2021-15582 · Mcafee · Mcafee Endpoint Security (Ens) For Windows

Name of the Vulnerable Software and Affected Versions: McAfee Endpoint Security ENS for Windows versions prior to 10.7.0 February 2021 Update Description: The issue concerns improper access control in an attribute, allowing an authenticated local administrator user to uninstall the anti-malware...

McAfee Total Protection (MTP) Security Restriction Bypass Vulnerability

McAfee Total Protection is a suite of antivirus software from the American company McAfee McAfee. A security vulnerability exists in the Windows client in McAfee MTP versions prior to 16.0.R18. This vulnerability can be exploited by a local attacker with specially crafted malware to bypass the...

CVE-2019-3593

Exploitation of Privilege/Trust vulnerability in Microsoft Windows client in McAfee Total Protection MTP Prior to 16.0.R18 allows local users to bypass product self-protection, tamper with policies and product files, and uninstall McAfee software without permission via specially crafted malware...

Symantec Endpoint Protection 12.1.2015.2015 Uninstall

Hi list, Description: --------------------------------------------- A weakness has been revealed on SEP installation that allows user to uninstall this product without previous knowledge of the un-installation password. Affected version: 12.1.2015.2015 Affected OS: Windows XP Details:...

CVE-2007-6499

Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to uninstall the FrontPage extensions of an arbitrary account via a request to fp2002/UNINSTAL.asp with a "host id IIS value."...

Dart Communications PowerTCP Service Control Remote BoF Exploit

Exploit for unknown platform in category remote exploits =============================================================== Dart Communications PowerTCP Service Control Remote BoF Exploit =============================================================== 'metasploit one, 456 bytes - cmd /c net user su...

CVE-2007-1243

Audins Audiens 3.3 allows remote attackers to bypass authentication and perform certain privileged actions, possibly an uninstall of the product, by calling unistall.php with the values cnf=disinstalla and status=on. NOTE: the provenance of this information is unknown; the details are obtained...