CVE-2020-13551

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...

CVE-2020-13539

An exploitable local privilege elevation vulnerability exists in the file system permissions of the Win-911 Enterprise V4.20.13 install directory via “WIN-911 Mobile Runtime” service. Depending on the vector chosen, an attacker can overwrite various executables which could lead to escalation of t...

CVE-2020-26233

Git Credential Manager Core GCM Core is a secure Git credential helper built on .NET Core that runs on Windows and macOS. In Git Credential Manager Core before version 2.0.289, when recursively cloning a Git repository on Windows with submodules, Git will first clone the top-level repository and...

CVE-2024-25552

A local attacker can gain administrative privileges by inserting an executable file in the path of the affected product...

CVE-2024-25034

IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the type of file in the File Manager T1 process. Attackers can make use of this weakness and upload malicious executable files into the system that can be sent to victims for performing further attac...

CVE-2024-40691

IBM Cognos Controller 11.0.0 and 11.0.1 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface. Attackers can make use of this weakness and upload malicious executable files into the system, and it can be sent to victim for performing...

PT-2025-7900 · Esri · Arcgis Pro

Name of the Vulnerable Software and Affected Versions: Esri ArcGIS Pro versions 3.3 through 3.4 Description: The issue is related to an untrusted search path vulnerability that may allow a low-privileged attacker with write privileges to the local file system to introduce a malicious executable...

Security update for python311, python-rpm-macros

This update for python311, python-rpm-macros fixes the following issues: python311: - CVE-2024-0450: Fixed zipfile module vulnerability with "quoted-overlap" zipbomb bsc1221854 - CVE-2024-4032: Fixed incorrect IPv4 and IPv6 private ranges bsc1226448 - CVE-2024-0397: Fixed memory race condition...

CVE-2024-2658 Local privilege escalation in FlexNet Publisher

A misconfiguration in lmadmin.exe of FlexNet Publisher versions prior to 2024 R1 11.19.6.0 allows the OpenSSL configuration file to load from a non-existent directory. An unauthorized, locally authenticated user with low privileges can potentially create the directory and load a specially crafted...

PT-2025-1303 · Teamviewer · Teamviewer

Name of the Vulnerable Software and Affected Versions: TeamViewer versions prior to 15.62 Description: The issue is related to improper neutralization of argument delimiters in the TeamViewer service.exe component, allowing an attacker with local unprivileged access on a Windows system to elevate...

CVE-2024-57276

In Electronic Arts Dragon Age Origins 1.05, the DAUpdaterSVC service contains an unquoted service path vulnerability. This service is configured with insecure permissions, allowing users to modify the executable file path used by the service. The service runs with NT AUTHORITY\SYSTEM privileges,...

MAL-2025-605 Malicious code in monaco-npm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ee69dd8c6692848ff6eb6a9a1ed9dc881a6790a2eb02b4942215ee914d5a77da Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-0543

Local privilege escalation in G DATA Security Client due to incorrect assignment of privileges to directories. This vulnerability allows a local, unprivileged attacker to escalate privileges on affected installations by placing an arbitrary executable in a globally writable directory resulting in...

CVE-2025-0543 G DATA Security Client Local privilege escalation

Local privilege escalation in G DATA Security Client due to incorrect assignment of privileges to directories. This vulnerability allows a local, unprivileged attacker to escalate privileges on affected installations by placing an arbitrary executable in a globally writable directory resulting in...

CVE-2025-0543 G DATA Security Client Local privilege escalation

Local privilege escalation in G DATA Security Client due to incorrect assignment of privileges to directories. This vulnerability allows a local, unprivileged attacker to escalate privileges on affected installations by placing an arbitrary executable in a globally writable directory resulting in...

CVE-2025-0543

CVE-2025-0543 describes a local privilege escalation in the G DATA Security Client caused by incorrect assignment of directory privileges. An unprivileged local attacker can escalate to SYSTEM by placing an arbitrary executable in a globally writable directory, which is then executed by the Setup...

CVE-2024-40693

IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface. Attackers can make use of this weakness and upload malicious executable files into the system, and it can be sent to victim for performing furth...

CVE-2024-25034

IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the type of file in the File Manager T1 process. Attackers can make use of this weakness and upload malicious executable files into the system that can be sent to victims for performing further attac...

CVE-2024-25034

IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the type of file in the File Manager T1 process. Attackers can make use of this weakness and upload malicious executable files into the system that can be sent to victims for performing further attac...

CVE-2024-40693 IBM Planning Analytics file upload

IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface. Attackers can make use of this weakness and upload malicious executable files into the system, and it can be sent to victim for performing furth...