473 matches found
CVE-2020-29658
Zoho ManageEngine Application Control Plus before 100523 has an insecure SSL configuration setting for Nginx, leading to Privilege Escalation...
CVE-2018-10381
TunnelBear 3.2.0.6 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "TunnelBearMaintenance" service. This service establishes a NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "OpenVPNConnect"...
CVE-2019-1167
A security feature bypass vulnerability exists in Windows Defender Application Control WDAC which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'...
CVE-2019-0733
A security feature bypass vulnerability exists in Windows Defender Application Control WDAC which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'...
CVE-2019-0330
The OS Command Plugin in the transaction GPAADMIN and the OSCommand Console of SAP Diagnostic Agent LM-Service, version 7.2, allow an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application...
CVE-2010-2824
Unspecified vulnerability on the Cisco Application Control Engine ACE Module with software A21.x before A21.6, A22.x before A22.3, and A23.x before A23.1 for Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service device reload via a sequence of...
CVE-2010-2822
Unspecified vulnerability in the RTSP inspection feature on the Cisco Application Control Engine ACE Module with software before A23.2 for Catalyst 6500 series switches and 7600 series routers, and the Cisco Application Control Engine ACE 4710 appliance with software before A32.6, allows remote...
CVE-2016-1715
The swin.sys kernel driver in McAfee Application Control MAC 6.1.0 before build 706, 6.1.1 before build 404, 6.1.2 before build 449, 6.1.3 before build 441, and 6.2.0 before build 505 on 32-bit Windows platforms allows local users to cause a denial of service memory corruption and system crash or...
CVE-2012-4593
McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command...
CVE-2010-2825
Unspecified vulnerability in the SIP inspection feature on the Cisco Application Control Engine ACE Module with software A21.x before A21.6, A22.x before A22.3, and A23.x before A23.1 for Catalyst 6500 series switches and 7600 series routers, and the Cisco Application Control Engine ACE 4710...
CVE-2009-0615
Directory traversal vulnerability in Cisco Application Networking Manager ANM before 2.0 and Application Control Engine ACE Device Manager before A32.1 allows remote authenticated users to read or modify arbitrary files via unspecified vectors, related to "invalid directory permissions."...
CVE-2025-26678
Improper access control in Windows Defender Application Control WDAC allows an unauthorized attacker to bypass a security feature locally...
The vulnerability of Windows Defender Application Control (WDAC) in Windows operating systems allows attackers to circumvent existing security restrictions.
The vulnerability of Windows Defender Application Control WDAC on Windows operating systems is related to errors in access control. Exploiting this vulnerability can allow a hacker to bypass existing security restrictions...
CVE-2025-26678
Improper access control in Windows Defender Application Control WDAC allows an unauthorized attacker to bypass a security feature locally...
CVE-2025-26678 Windows Defender Application Control Security Feature Bypass Vulnerability
...
Windows Defender Application Control Security Feature Bypass Vulnerability
Improper access control in Windows Defender Application Control WDAC allows an unauthorized attacker to bypass a security feature locally...
Microsoft Windows Defender Application Control(WDAC) 访问控制错误漏洞
Microsoft Windows Defender Application Control WDAC is a security tool from Microsoft Corporation USA that restricts the operation of programs at the software level by configuring policies to reduce the scope of what hackers can attack. An access control error vulnerability exists in Microsoft...
CVE-2025-21848
In the Linux kernel, the following vulnerability has been resolved: nfp: bpf: Add check for nfpappctrlmsgalloc Add check for the return value of nfpappctrlmsgalloc in nfpbpfcmsgalloc to prevent null pointer dereference...
CVE-2021-31833
Potential product security bypass vulnerability in McAfee Application and Change Control MACC prior to version 8.3.4 allows a locally logged in attacker to circumvent the application solidification protection provided by MACC, permitting them to run applications that would usually be prevented by...
CVE-2024-25102
This vulnerability exists in AppSamvid software due to the usage of a weaker cryptographic algorithm hash SHA1 in user login component. An attacker with local administrative privileges could exploit this to obtain the password of AppSamvid on the targeted system. Successful exploitation of this...