709 matches found
CVE-2022-4991 Tychon is vulnerable to privilege escalation due to OPENSSLDIR location
Tychon includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory that may be controllable by an unprivileged user on Windows. Tychon contains a privileged service that uses this OpenSSL component. A user who can place a specially-crafted openssl.cnf file at an...
CVE-2018-25359
CVE-2018-25359 affects Splinterware System Scheduler Pro 5.12. The issue is insecure file permissions enabling low-privilege users to replace the service executable (WService.exe) in the installation directory, causing a malicious binary to run with LocalSystem privileges when the service starts....
CVE-2026-7373
Rapid7 Metasploit Pro is vulnerable to a local privilege escalation attack that allows a user to gain SYSTEM level control of a Windows host. When started the metasploitPostgreSQL service would start the postgres.exe child process which would in turn load an OpenSSL configuration file from a stat...
CVE-2020-37247 Kite 4.2.0.1 U1 Unquoted Service Path Privilege Escalation
Kite 4.2.0.1 U1 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be executed with LocalSystem...
EUVD-2020-31248
Kite 4.2.0.1 U1 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be executed with LocalSystem...
CVE-2020-37247 Kite 4.2.0.1 U1 Unquoted Service Path Privilege Escalation
Kite 4.2.0.1 U1 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be executed with LocalSystem...
CVE-2020-37247
Kite 4.2.0.1 U1 is affected by an unquoted service path vulnerability in the KiteService Windows service. The underlying issue allows local attackers to escalate privileges to LocalSystem by placing a malicious executable in the Program Files directory, which is executed when the service starts. ...
CVE-2020-37229
OKI sPSV Port Manager 1.0.41 is affected by an unquoted service path vulnerability in the sPSVOpLclSrv service. The root cause is an unquoted path which allows local attackers to insert a malicious executable in the service’s directory; when the service restarts or the system reboots, the payload...
Kite 代码问题漏洞
Kite is an AI code development tool developed by the Kite company in the United States. Version Kite 4.2.0.1 U1 contains a code vulnerability. This vulnerability stems from an unresolved service path in the KiteService Windows service, which may allow local attackers to gain elevated privileges b...
CVE-2024-47091 Privilege escalation via mk_mysql agent plugin on Windows
Privilege escalation in the mkmysql agent plugin on Windows in Checkmk 2.4.0p29, 2.3.0p47, and 2.2.0 EOL allows a local unprivileged user able to create a Windows service whose name matches 'MySQL' or 'MariaDB' or with write access to a binary referenced by such a service to execute arbitrary cod...
openSUSE 16 Security Update : coredns (openSUSE-SU-2026:20703-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20703-1 advisory. Changes in coredns: - Update to version 1.14.3: This release introduces Windows service support, along with full TSIG verification across DoH,...
OPENSUSE-SU-2026:20703-1 Security update for coredns
This update for coredns fixes the following issues: Changes in coredns: - Update to version 1.14.3: This release introduces Windows service support, along with full TSIG verification across DoH, DoH3, QUIC, and gRPC transports, and improved TSIG propagation and DoH request validation. It also add...
CVE-2026-34464
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, NamedPipeServer::OpenHandler copies the server field from NAMEDPIPEOPENREQ into a fixed WCHAR pipename160 stack buffer using wcscat without verifying null termination. The handler only...
CVE-2026-34464 Sandboxie-Plus NamedPipeServer OpenHandler stack overflow via unterminated server field
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, NamedPipeServer::OpenHandler copies the server field from NAMEDPIPEOPENREQ into a fixed WCHAR pipename160 stack buffer using wcscat without verifying null termination. The handler only...
CVE-2026-34461
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieIniServer RunSbieCtrl handler contains a stack buffer overflow. The MSGIDSBIEINIRUNSBIECTRL message is handled before normal sandbox and impersonation checks, and for non-sandbox...
MAL-2026-3133 Malicious code in fetchapi-syncdata-pypi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d0dcf5bd5c71d077b3763c74d57d68d5517a2b5c5229fdd5bd6f7369cb2a0f49 The package contains code to download and start a malicious executable. It's masqueraded using name similar to Windows services. In analyzed versions, the code...
MAL-2026-3100 Malicious code in fetch-data-api-syncapi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 dda63ba0d0dbd4ddf1d89523cacf89d51ffc9a25891e38cb49a9e424721fba9d The package contains code to download and start a malicious executable. It's masqueraded using name similar to Windows services. In analyzed versions, the code...
Malicious code in fetch-data-api-syncapi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 dda63ba0d0dbd4ddf1d89523cacf89d51ffc9a25891e38cb49a9e424721fba9d The package contains code to download and start a malicious executable. It's masqueraded using name similar to Windows services. In analyzed versions, the code...
PT-2026-34330
Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NTSYSTEM privileges on boot. This issue affects all...
PT-2026-33989
Vulnerability related to an unquoted search path in CivetWeb v1.16. This vulnerability allows a local attacker to execute arbitrary code with elevated privileges by placing a malicious executable in a directory that is scanned before the intended application path C:Program FilesCivetWebCivetWeb.e...