728 matches found
MAL-2026-3133 Malicious code in fetchapi-syncdata-pypi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d0dcf5bd5c71d077b3763c74d57d68d5517a2b5c5229fdd5bd6f7369cb2a0f49 The package contains code to download and start a malicious executable. It's masqueraded using name similar to Windows services. In analyzed versions, the code...
MAL-2026-3100 Malicious code in fetch-data-api-syncapi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 dda63ba0d0dbd4ddf1d89523cacf89d51ffc9a25891e38cb49a9e424721fba9d The package contains code to download and start a malicious executable. It's masqueraded using name similar to Windows services. In analyzed versions, the code...
Malicious code in fetch-data-api-syncapi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 dda63ba0d0dbd4ddf1d89523cacf89d51ffc9a25891e38cb49a9e424721fba9d The package contains code to download and start a malicious executable. It's masqueraded using name similar to Windows services. In analyzed versions, the code...
PT-2026-34330
Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NTSYSTEM privileges on boot. This issue affects all...
PT-2026-33989
Vulnerability related to an unquoted search path in CivetWeb v1.16. This vulnerability allows a local attacker to execute arbitrary code with elevated privileges by placing a malicious executable in a directory that is scanned before the intended application path C:Program FilesCivetWebCivetWeb.e...
CVE-2026-6482 Local Privilege Escalation via OpenSSL configuration file in Insight Agent
The Rapid7 Insight Agent versions 4.1.0.2 is vulnerable to a local privilege escalation attack that allows users to gain SYSTEM level control of a Windows host. Upon startup the agent service attempts to load an OpenSSL configuration file from a non-existent directory that is writable by standard...
ofensive-playbook
HackTheBox — Writeups Collection A collection of HackTheBox m...
CVE-2026-32083
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SSDP Service allows an authorized attacker to elevate privileges locally...
Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SSDP Service allows an authorized attacker to elevate privileges locally...
PT-2026-32794
CVE-2026-32068 Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SSDP Service allows an authorized attacker to elevate privilege… https://t.co/txSwKIdsD7...
Windows Service for User (S4U) Scheduled Task Persistence - Logon Trigger
Creates a scheduled task that will run using service-for-user S4U. This allows the scheduled task to run even as an unprivileged user that is not logged into the device. This will result in lower security context, allowing access to local resources only. The module requires 'Logon as a batch job'...
CVE-2026-24296
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Device Association Service allows an authorized attacker to elevate privileges locally...
SANYO DENKI SANUPS SOFTWARE 代码问题漏洞
SANYO DENKI SANUPS SOFTWARE is a software developed by SANYO DENKI Corporation in Japan. It is used for monitoring UPS devices, managing their operation, and analyzing power supply status. SANYO DENKI SANUPS SOFTWARE has code vulnerabilities; these vulnerabilities stem from the Windows service fi...
CVE-2026-4606
GV Edge Recording Manager ERM v2.3.1 improperly runs application components with SYSTEM-level privileges, allowing any local user to gain full control of the operating system. During installation, ERM creates a Windows service that runs under the LocalSystem account. When the ERM application is...
EUVD-2026-14346
GV Edge Recording Manager ERM v2.3.1 improperly runs application components with SYSTEM-level privileges, allowing any local user to gain full control of the operating system. During installation, ERM creates a Windows service that runs under the LocalSystem account. When the ERM application is...
CVE-2026-4606 GeoVision ERM Improper Privilege Assignment Leads to SYSTEM-Level Privilege
GV Edge Recording Manager ERM v2.3.1 improperly runs application components with SYSTEM-level privileges, allowing any local user to gain full control of the operating system. During installation, ERM creates a Windows service that runs under the LocalSystem account. When the ERM application is...
PT-2026-27040
Name of the Vulnerable Software and Affected Versions GV Edge Recording Manager version 2.3.1 Description The software improperly runs application components with SYSTEM-level privileges, allowing any local user to gain full control of the operating system. The software creates a Windows service...
EUVD-2017-18930
Serviio PRO 1.8 contains an unquoted search path vulnerability in the Windows service that allows local users to execute arbitrary code with elevated privileges by placing malicious executables in the system root path. Additionally, improper directory permissions with full access for the Users...
CVE-2017-20218
Serviio PRO 1.8 contains an unquoted search path vulnerability in the Windows service that allows local users to execute arbitrary code with elevated privileges by placing malicious executables in the system root path. Additionally, improper directory permissions with full access for the Users...
PT-2026-25736
Serviio PRO 1.8 contains an unquoted search path vulnerability in the Windows service that allows local users to execute arbitrary code with elevated privileges by placing malicious executables in the system root path. Additionally, improper directory permissions with full access for the Users...