Lucene search
+L

550 matches found

Cvelist
Cvelist
added 2024/04/30 12:0 a.m.32 views

CVE-2024-23774

An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An unquoted Windows search path vulnerability exists in the KSchedulerSvc.exe and AMPTools.exe components. This allows local attackers to execute code of their choice with NT Authority\SYSTEM privileges...

7.1AI score0.00444EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/30 12:0 a.m.28 views

CVE-2024-23773

An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An Arbitrary file delete vulnerability exists in the KSchedulerSvc.exe component. Local attackers can delete any file of their choice with NT Authority\SYSTEM privileges...

6.9AI score0.00444EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/04/30 12:0 a.m.25 views

CVE-2024-23774

An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An unquoted Windows search path vulnerability exists in the KSchedulerSvc.exe and AMPTools.exe components. This allows local attackers to execute code of their choice with NT Authority\SYSTEM privileges...

7.2AI score0.00444EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/30 12:0 a.m.16 views

PT-2024-20076 · Quest · Kace Agent

Name of the Vulnerable Software and Affected Versions: Quest KACE Agent for Windows versions 12.0.38 through 13.1.23.0 Description: An issue exists in the KSchedulerSvc.exe, KUserAlert.exe, and Runkbot.exe components, allowing local attackers to create any file of their choice with NT...

7.8CVSS6.9AI score0.00444EPSS
Exploits0References9
CVE
CVE
added 2024/04/30 12:0 a.m.69 views

CVE-2024-23773

CVE-2024-23773 concerns Quest KACE Agent for Windows 12.0.38 and 13.1.23.0, with an Arbitrary file delete vulnerability in the KSchedulerSvc.exe component. Local attackers can delete any file using NT AUTHORITY\SYSTEM privileges. This is part of a family of related issues for the same agent (e.g....

7.8CVSS6.9AI score0.00444EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/30 12:0 a.m.36 views

CVE-2024-23772

An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An Arbitrary file create vulnerability exists in the KSchedulerSvc.exe, KUserAlert.exe, and Runkbot.exe components. This allows local attackers to create any file of their choice with NT Authority\SYSTEM privileges...

6.6AI score0.00444EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/04/30 12:0 a.m.15 views

CVE-2024-23773

An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An Arbitrary file delete vulnerability exists in the KSchedulerSvc.exe component. Local attackers can delete any file of their choice with NT Authority\SYSTEM privileges...

7AI score0.00444EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2024/04/23 12:0 a.m.473 views

FortiNet FortiClient EMS 7.2.2 / 7.0.10 SQL Injection / Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FortiNet FortiClient Endpoint Management Server FCTID SQLi to RCE', 'Description' = %q An SQLi injection vulnerability exists in FortiNet...

9.8CVSS9.9AI score0.97591EPSS
Exploits4
NVD
NVD
added 2024/04/06 12:15 p.m.24 views

CVE-2024-25029

IBM Personal Communications 14.0.6 through 15.0.1 includes a Windows service that is vulnerable to remote code execution RCE and local privilege escalation LPE. The vulnerability allows any unprivileged user with network access to a target computer to run commands with full privileges in the...

10CVSS9.3AI score0.00787EPSS
Exploits0References2
CVE
CVE
added 2024/04/06 11:51 a.m.85 views

CVE-2024-25029

IBM Personal Communications (PCOMM) v14.x–v15.x is vulnerable to remote code execution and local privilege escalation via a Windows service, allowing an unauthenticated network attacker to execute commands with SYSTEM privileges due to an incomplete fix for CVE-2024-25029. Supported affected vers...

10CVSS9.3AI score0.00787EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/04/06 11:51 a.m.33 views

CVE-2024-25029 IBM Personal Communications code execution

IBM Personal Communications 14.0.6 through 15.0.1 includes a Windows service that is vulnerable to remote code execution RCE and local privilege escalation LPE. The vulnerability allows any unprivileged user with network access to a target computer to run commands with full privileges in the...

9CVSS9.2AI score0.00787EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2024/04/03 1:41 p.m.477 views

Exploit for CVE-2024-27518

CVE-2024-27518 - SUPERAntiSpyware Professional X LPE PoC This...

7.8CVSS6.5AI score0.00604EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/04/03 12:0 a.m.315 views

SUPERAntiSpyware Professional X 10.0.1264 DLL Hijacking / Privilege Escalation

Title: SUPERAntiSpyware Professional X Version =10.0.1264 "version.dll" Local Privilege Escalation Date: 03.04.2024 Author: M. Akil Gündoğan Vendor Homepage: https://superantispyware.com/ Version: 10.0.1262 and lastest version 10.0.1264 Tested on: Windows 10 Professional x64 PoC Video:...

7.2AI score0.00604EPSS
Exploits2
OSV
OSV
added 2024/03/06 11:1 a.m.60 views

BIT-NODE-2023-30585

A vulnerability has been identified in the Node.js .msi version installation process, specifically affecting Windows users who install Node.js using the .msi installer. This vulnerability emerges during the repair operation, where the "msiexec.exe" process, running under the NT AUTHORITY\SYSTEM...

7.5CVSS7.4AI score0.01467EPSS
Exploits0References3
NVD
NVD
added 2024/02/13 9:15 a.m.37 views

CVE-2023-50236

A vulnerability has been identified in Polarion ALM All versions V2404.0. The affected product is vulnerable due to weak file and folder permissions in the installation path. An attacker with local access could exploit this vulnerability to escalate privileges to NT AUTHORITY\SYSTEM...

7.8CVSS7.5AI score0.00148EPSS
Exploits0References1
Prion
Prion
added 2024/02/13 9:15 a.m.17 views

Design/Logic Flaw

A vulnerability has been identified in Polarion ALM All versions. The affected product is vulnerable due to weak file and folder permissions in the installation path. An attacker with local access could exploit this vulnerability to escalate privileges to NT AUTHORITY\SYSTEM...

4.3CVSS7.1AI score0.00148EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/13 9:0 a.m.34 views

CVE-2023-50236

A vulnerability has been identified in Polarion ALM All versions V2404.0. The affected product is vulnerable due to weak file and folder permissions in the installation path. An attacker with local access could exploit this vulnerability to escalate privileges to NT AUTHORITY\SYSTEM...

7.8CVSS7.6AI score0.00148EPSS
Exploits0References1
NVD
NVD
added 2023/12/25 6:15 a.m.11 views

CVE-2023-51772

One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: wait for a...

8.8CVSS0.00515EPSS
Exploits0References2
Prion
Prion
added 2023/12/25 6:15 a.m.17 views

Design/Logic Flaw

One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: wait for a...

6.5CVSS7.1AI score0.00515EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/12/25 12:0 a.m.18 views

CVE-2023-48654

One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: go to the...

9.5AI score0.01013EPSS
Exploits1References2
Rows per page
Query Builder