971 matches found
CVE-2020-36904 Selea CarPlateServer 4.0.1.6 Remote Program Execution via Configuration Endpoint
Selea CarPlateServer 4.0.1.6 contains a remote program execution vulnerability that allows attackers to execute arbitrary Windows binaries by manipulating the NO_LIST_EXE_PATH configuration parameter. Attackers can bypass authentication through the /cps/ endpoint and modify server configuration,...
CVE-2020-36904
CVE-2020-36904 affects Selea CarPlateServer 4.0.1.6. A remote code execution flaw exists via the NO_LIST_EXE_PATH config parameter, allowing bypass of authentication through the /cps/ endpoint and modification of server config, including admin passwords, and execution of system commands. Document...
Selea CarPlateServer Access Control Error Vulnerability
Selea CarPlateServer is a car plate recognition software from Selea, Italy. An access control error vulnerability exists in Selea CarPlateServer version 4.0.1.6, which originates from the ability to bypass authentication by manipulating the NO_LIST_EXE_PATH configuration parameter, which could lead ...
PT-2025-53675
Name of the Vulnerable Software and Affected Versions: Kings Information & Network Co. KESS Enterprise versions prior to 25.9.19.Exe. Description: A security issue exists in Kings Information & Network Co. KESS Enterprise on Windows that could allow an unauthorized actor to access sensitive...
CVE-2023-53954 ActFax 10.10 Unquoted Path Services Privilege Escalation Vulnerability
ActFax 10.10 contains an unquoted service path vulnerability that allows local attackers to potentially escalate privileges by exploiting the ActiveFaxServiceNT service configuration. Attackers with write permissions to Program Files directories can inject a malicious ActSrvNT.exe executable to...
CVE-2025-68239
In the Linux kernel, the following vulnerability has been resolved: binfmt_misc: restore write access before closing files opened by open_exec(). bm_register_write() opens an executable file using open_exec(), which internally calls do_open_execat() and denies write access on the file to avoid modification while...
CVE-2025-68239 binfmt_misc: restore write access before closing files opened by open_exec()
In the Linux kernel, the following vulnerability has been resolved: binfmt_misc: restore write access before closing files opened by open_exec(). bm_register_write() opens an executable file using open_exec(), which internally calls do_open_execat() and denies write access on the file to avoid modification while...
CVE-2025-14668
A vulnerability was detected in campcodes Advanced Online Examination System 1.0. This affects an unknown function of the file /query/loginExe.php. Performing a manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely. The exploit is now publi...
CVE-2025-44016
A vulnerability in TeamViewer DEX Client (former 1E client) - Content Distribution Service (NomadBranch.exe) prior version 25.11 for Windows allows malicious actors to bypass file integrity validation via a crafted request. By providing a valid hash for a malicious file, an attacker can cause the...
CVE-2025-66266
CVE-2025-66266 concerns the RupsMon.exe service executable in UPSilon 2000. The vulnerability stems from insecure permissions that grant the Everyone group Full Control, enabling a local attacker to replace the binary with a malicious one to execute code with SYSTEM privileges or to alter the ser...
CVE-2025-66264 Unquoted Service path in UPSilon2000V6.0 SYSTEM privilege service
The CMService.exe service runs with SYSTEM privileges and contains an unquoted service path. This allows a local attacker with write privileges to the filesystem to insert a malicious executable in the path, leading to privilege escalation...
CVE-2025-60320
CVE-2025-60320 affects memoQ 10.1.13.ef1b2b52aae and earlier. The issue is an unquoted service path in the memoQ Auto Update Service (memoQauhlp101) where the installed path contains spaces and lacks quotes, allowing local users to escalate to SYSTEM by placing a malicious executable at C:\Progra...
CVE-2021-43768
In Malwarebytes For Teams v.1.0.990 and before and fixed in v.1.0.1003 and later a privilege escalation can occur via the COM interface running in mbamservice.exe...
PT-2025-43621
Name of the Vulnerable Software and Affected Versions: Malwarebytes For Teams versions prior to 1.0.1003. Description: A privilege escalation can occur through the COM interface within the mbamservice.exe process. Recommendations: Update Malwarebytes For Teams to version 1.0.1003 or later...
EUVD-2025-33344
Lavasoft Web Companion also known as Ad-Aware WebCompanion versions 8.9.0.1091 through 12.1.3.1037 installs the DCIService.exe service with an unquoted service path vulnerability. An attacker with write access to the file system could potentially execute arbitrary code with elevated privileges by...
Lavasoft Web Companion Security Vulnerability
Lavasoft Web Companion is an antivirus program from Lavasoft Canada. A security vulnerability exists in Lavasoft Web Companion versions 8.9.0.1091 through 12.1.3.1037, which stems from an unquoted service path vulnerability in the DCIService.exe service that could lead to the execution of arbitra...
PT-2025-41386
Name of the Vulnerable Software and Affected Versions: Lavasoft Web Companion versions 8.9.0.1091 through 12.1.3.1037. Description: Lavasoft Web Companion also known as Ad-Aware WebCompanion installs the DCIService.exe service with an unquoted service path. An attacker with write access to the file...
CVE-2025-62185
In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlp_x86.exe...
EUVD-2012-1464
Malware in sbrugna...