222 matches found
Alexander Maier EisBaer Scada Path Traversal Vulnerability
Alexander Maier EisBaer Scada is a visual reality display and control program created on Windows operating systems by Alexander Maier of Germany. Alexander Maier EisBaer Scada suffers from a path traversal vulnerability that stems from an incorrect restriction on pathnames to restricted directori...
Security Bulletin: IBM i Access Client Solutions - Windows Application Package is vulnerable to a timing issue with RSA Decryption in GSKit builds prior to 8.0.55.31 (CVE-2023-32342)
Summary IBM GSKit is used by IBM i Access Client Solutions - Windows Application Package when making TLS connections to an IBM i partition. If an RSA cipher is used, IBM GSKit could allow a remote attacker to obtain sensitive information. Vulnerability Details CVEID:CVE-2023-32342 DESCRIPTION: IB...
CVE-2023-27706
Bitwarden Windows desktop application versions prior to v2023.4.0 store biometric keys in Windows Credential Manager, accessible to other local unprivileged processes...
CVE-2023-28344
An issue was discovered in Faronics Insight 10.0.19045 on Windows. The Insight Teacher Console application allows unauthenticated attackers to view constantly updated screenshots of student desktops and to submit falsified screenshots on behalf of students. Attackers are able to view screenshots ...
Webcam Preview Test Application
Please note: You can download the required file from the Citrix downloads website by visiting the following link:https://www.citrix.com/downloads/citrix-tools Simple Windows UI application to test and troubleshoot Webcam redirection on Terminal Server and Workstation VDAs, as well as to check...
Dell Display Manager 安全漏洞
Dell Display Manager is a Windows application from Dell, Inc. It is used to manage a monitor or a group of monitors. A security vulnerability exists in Dell Display Manager version 2.1.0 and prior versions. An attacker could exploit this vulnerability to execute arbitrary code...
CVE-2023-29059
3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023. This affects versions 18.12.407 and 18.12.416 of the 3CX DesktopApp Electron Windows application shipped in Update 7, and versions 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 of the 3CX...
CVE-2023-29059
3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023. This affects versions 18.12.407 and 18.12.416 of the 3CX DesktopApp Electron Windows application shipped in Update 7, and versions 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 of the 3CX...
CVE-2022-44745
Sensitive information leak through log files. The following products are affected: Acronis Cyber Protect Home Office Windows before build 40107...
CVE-2022-40298
Crestron AirMedia for Windows before 5.5.1.84 has insecure inherited permissions, which leads to a privilege escalation vulnerability found in the AirMedia Windows Application, version 4.3.1.39. A low privileged user can initiate a repair of the system and gain a SYSTEM level shell...
CVE-2022-34102
Insufficient access control vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can pause the uninstallation of an executable to gain a SYSTEM level command prompt...
CVE-2022-34102
Insufficient access control vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can pause the uninstallation of an executable to gain a SYSTEM level command prompt...
CVE-2022-34102
Insufficient access control vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can pause the uninstallation of an executable to gain a SYSTEM level command prompt...
CVE-2022-34101
A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can place a malicious DLL in a certain path to execute code and preform a privilege escalation attack...
CVE-2022-34101
A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can place a malicious DLL in a certain path to execute code and preform a privilege escalation attack...
Privilege escalation
A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can place a malicious DLL in a certain path to execute code and preform a privilege escalation attack...
CVE-2022-34101
The CVE-2022-34101 issue affects Crestron AirMedia Windows Application 4.3.1.39. The root cause is a path-based DLL placement that allows an attacker to execute code locally and perform privilege escalation. The NVD entry lists a CVSSv3.1 base score of 7.8 ( HIGH ) with Local attack vector, Low a...
CVE-2022-34102
Insufficient access control vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can pause the uninstallation of an executable to gain a SYSTEM level command prompt...
CVE-2022-34102
CVE-2022-34102 affects the Crestron AirMedia Windows Application, v4.3.1.39. The issue is an insufficient access control in the uninstallation flow that allows a user to pause the uninstallation of an executable and obtain a SYSTEM-level command prompt . Concretely, the vulnerability enables priv...
CVE-2022-34100
A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a low-privileged user can gain a SYSTEM level command prompt by pre-staging a file structure prior to the installation of a trusted service executable and change permissions on that file...