728 matches found
CVE-2017-20218
Serviio PRO 1.8 contains an unquoted search path vulnerability in the Windows service that allows local users to execute arbitrary code with elevated privileges by placing malicious executables in the system root path. Additionally, improper directory permissions with full access for the Users...
CVE-2017-20218 Serviio PRO 1.8 Local Privilege Escalation via Unquoted Path
Serviio PRO 1.8 contains an unquoted search path vulnerability in the Windows service that allows local users to execute arbitrary code with elevated privileges by placing malicious executables in the system root path. Additionally, improper directory permissions with full access for the Users...
CVE-2017-20218 Serviio PRO 1.8 Local Privilege Escalation via Unquoted Path
Serviio PRO 1.8 contains an unquoted search path vulnerability in the Windows service that allows local users to execute arbitrary code with elevated privileges by placing malicious executables in the system root path. Additionally, improper directory permissions with full access for the Users...
CVE-2017-20218
CVE-2017-20218 affects Serviio PRO 1.8 on Windows. The vulnerability is twofold: (1) an unquoted search path in the Windows service allows local attackers to run arbitrary code with elevated privileges by dropping malicious executables in the system root, and (2) overly permissive directory ACLs ...
Microsoft Windows Service Binary Misconfiguration Tester
This document and included Metasploit module analyze the security risks associated with improper Windows service configurations, specifically focusing on writable service binary paths that may lead to privilege escalation. Note that this condition does not occur on a default Windows installation...
Microsoft Windows Service Installation Persistence
This Metasploit module creates a persistent Windows service using multiple methods. It supports PowerShell, SC.exe, and WMI methods for service creation...
Microsoft Windows Service Installation Persistence
This is a Microsoft Windows persistent service installer for creating backdoor services that automatically start payloads upon system boot. This tool is designed for authorized penetration testing and security research purposes. This variant from the author is written in PHP...
CVE-2026-3787
A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function in the library cryptbase.dll of the component Windows Service. This manipulation causes uncontrolled search path. The attack requires local access. A high degree of complexity is needed for the attack...
📄 VirtualBox 7.0.16 Local Privilege Escalation / Race Condition
VirtualBox version 7.0.16 proof of concept local privilege escalation exploit that leverages a race condition vulnerability. ============================================================================================================================================= | Title : VirtualBox 7.0.16...
EUVD-2026-10277
A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function in the library cryptbase.dll of the component Windows Service. This manipulation causes uncontrolled search path. The attack requires local access. A high degree of complexity is needed for the attack...
CVE-2026-3787
A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function in the library cryptbase.dll of the component Windows Service. This manipulation causes uncontrolled search path. The attack requires local access. A high degree of complexity is needed for the attack...
CVE-2026-3787 UltraVNC Windows Service cryptbase.dll uncontrolled search path
A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function in the library cryptbase.dll of the component Windows Service. This manipulation causes uncontrolled search path. The attack requires local access. A high degree of complexity is needed for the attack...
CVE-2026-3787 UltraVNC Windows Service cryptbase.dll uncontrolled search path
A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function in the library cryptbase.dll of the component Windows Service. This manipulation causes uncontrolled search path. The attack requires local access. A high degree of complexity is needed for the attack...
CVE-2026-3787
A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function in the library cryptbase.dll of the component Windows Service. This manipulation causes uncontrolled search path. The attack requires local access. A high degree of complexity is needed for the attack...
CVE-2026-3787
CVE-2026-3787 affects UltraVNC 1.6.4.0 on Windows, where an unidentified function in cryptbase.dll of the Windows Service is susceptible to manipulation that enables an uncontrolled search path. This requires local access and is described as high complexity with exploitability reported as difficu...
PT-2026-23987
Name of the Vulnerable Software and Affected Versions UltraVNC version 1.6.4.0 Description A weakness exists in UltraVNC 1.6.4.0 on Windows. The issue affects an unknown function within the cryptbase.dll library of the Windows Service component, leading to an uncontrolled search path. Local acces...
Veeam Agent for Microsoft Windows Service Fails to Start After Upgrading .NET Components
Challenge After upgrading .NET components on a machine where Veeam Agent for Microsoft Windows is installed, the "Veeam Agent for Microsoft Windows" service fails to start. Windows could not start the Veeam Agent for Microsoft Windows service on Local Computer. Error 1053: The service did not...
CVE-2026-1585
An unquoted Windows service executable path vulnerability in IJ Scan Utility for Windows versions 1.1.2 through 1.5.0 may allow a local attacker to execute a malicious file with the privileges of the affected service...
EUVD-2026-8927
An unquoted Windows service executable path vulnerability in IJ Scan Utility for Windows versions 1.1.2 through 1.5.0 may allow a local attacker to execute a malicious file with the privileges of the affected service...
Canon IJ Scan Utility 安全漏洞
Canon IJ Scan Utility is a scanner management software developed by the Japanese company Canon. Versions 1.1.2 to 1.5.0 of Canon IJ Scan Utility contain security vulnerabilities. These vulnerabilities stem from the unquoted Windows service executable path, which may allow local attackers to execu...