CVE-2020-36981

Motorola Device Manager 2.4.5 contains an unquoted service path vulnerability in the PST Service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in ForwardDaemon.exe to inject malicious code that will execute with elevated system privileges...

CVE-2021-47804

Wise Care 365 5.6.7.568 contains an unquoted service path vulnerability in the WiseBootAssistant service running with LocalSystem privileges. Attackers can exploit this by inserting a malicious executable in the service path, which will execute with elevated system privileges when the service...

PT-2026-3174

Wise Care 365 5.6.7.568 contains an unquoted service path vulnerability in the WiseBootAssistant service running with LocalSystem privileges. Attackers can exploit this by inserting a malicious executable in the service path, which will execute with elevated system privileges when the service...

PT-2025-47421

Name of the Vulnerable Software and Affected Versions ABP versions 2.0 through 2.0.7.9050 AES versions 1.0 through 1.0.6.8290 Description The services of ABP and AES, when installed in a directory accessible for writing by non-administrative users, are susceptible to DLL hijacking. An attacker ca...

EUVD-2023-46212

Malicious code in bioql PyPI...

CVE-2023-36624

Loxone Miniserver Go Gen.2 through 14.0.3.28 allows an authenticated operating system user to escalate privileges via the Sudo configuration. This allows the elevated execution of binaries without a password requirement...

Scooter Software Beyond Compare 代码问题漏洞

Scooter Software Beyond Compare is content comparison tool software from Scooter Software. A security vulnerability exists in Scooter Software Beyond Compare versions 1.8a through 4.4.2 prior to 4.4.3 that originates from a DLL hijacking vulnerability in the uninstaller when installing the progra...

CVE-2022-31590

SAP PowerDesigner Proxy - version 16.7, allows an attacker with low privileges and has local access, with the ability to work around system’s root disk access restrictions to Write/Create a program file on system disk root path, which could then be executed with elevated privileges of the...

CVE-2022-0026

A local privilege escalation PE vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory such as C:\ to execute a program with elevated privileges. This issue impacts all...

PT-2020-4082 · Microsoft · Windows Language Pack Installer +1

Name of the Vulnerable Software and Affected Versions: Windows Language Pack Installer affected versions not specified Description: The issue is related to the improper handling of file operations by the Windows Language Pack Installer, allowing an attacker to run processes in an elevated context...

PT-2020-3701 · Microsoft · Windows Work Folder Service +1

Name of the Vulnerable Software and Affected Versions: Windows Work Folder Service affected versions not specified Description: The issue is related to the improper handling of file operations by the Windows Work Folder Service, allowing an attacker to run processes in an elevated context. An...