6679 matches found
EUVD-2020-30852
Kite 1.2020.1119.0 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Kite\KiteService.exe' to inject malicious executables and escalate...
CVE-2020-36958
CVE-2020-36958 affects Kite 1.2020.1119.0 with an unquoted service path in the KiteService Windows service. The unquoted path (C:\Program Files\Kite\KiteService.exe) can be exploited by local attackers to inject a malicious executable and escalate privileges on the system. The provided documents ...
CVE-2020-36957 PDF Complete 3.5.310.2002 - 'pdfsvc.exe' Unquoted Service Path
PDF Complete 3.5.310.2002 contains an unquoted service path vulnerability in its pdfsvc.exe service configuration. Attackers can exploit the unquoted path to inject and execute malicious code with elevated LocalSystem privileges...
CVE-2020-36957
PDF Complete 3.5.310.2002 contains an unquoted service path vulnerability in its pdfsvc.exe service configuration. Attackers can exploit the unquoted path to inject and execute malicious code with elevated LocalSystem privileges...
CVE-2020-36957
CVE-2020-36957 corresponds to the unquoted service path vulnerability in PDF Complete 3.5.310.2002, specifically in the pdfsvc.exe service configuration. The root cause is an unquoted image path, allowing an attacker to inject and execute malicious code with elevated LocalSystem privileges. Conne...
CVE-2025-59094 Local Privilege Escalation in dormakaba Kaba exos 9300 System management
A local privilege escalation vulnerability has been identified in the Kaba exos 9300 System management application d9sysdef.exe. Within this application it is possible to specify an arbitrary executable as well as the weekday and start time, when the specified executable should be run with SYSTEM...
CVE-2025-59094
CVE-2025-59094 concerns the Kaba exos 9300 System management application (d9sysdef.exe). The issue is a local privilege escalation that allows an attacker to specify an arbitrary executable and the weekday/start time for it to run with SYSTEM privileges. The cited sources describe the vulnerabili...
EUVD-2025-206356
A local privilege escalation vulnerability has been identified in the Kaba exos 9300 System management application d9sysdef.exe. Within this application it is possible to specify an arbitrary executable as well as the weekday and start time, when the specified executable should be run with SYSTEM...
CVE-2025-59094
A local privilege escalation vulnerability has been identified in the Kaba exos 9300 System management application d9sysdef.exe. Within this application it is possible to specify an arbitrary executable as well as the weekday and start time, when the specified executable should be run with SYSTEM...
CVE-2025-59094 Local Privilege Escalation in dormakaba Kaba exos 9300 System management
A local privilege escalation vulnerability has been identified in the Kaba exos 9300 System management application d9sysdef.exe. Within this application it is possible to specify an arbitrary executable as well as the weekday and start time, when the specified executable should be run with SYSTEM...
PDF Complete code issue vulnerabilities
PDF Complete is a PDF editor developed by PDF Complete Inc. Version 3.5.310.2002 of PDF Complete has a code vulnerability that stems from the lack of quotation marks around the pdfsvc.exe service path, which may lead to privilege escalation...
Dormakaba Exos 9300 security vulnerabilities
Dormakaba Exos 9300 is an access control and security management system developed by the American company Dormakaba. Dormakaba Exos 9300 has a security vulnerability that stems from the ability to specify any executable file to run with SYSTEM privileges, which may lead to an increase in local...
PT-2026-4746
The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...
PT-2026-4744
A local privilege escalation vulnerability has been identified in the Kaba exos 9300 System management application d9sysdef.exe. Within this application it is possible to specify an arbitrary executable as well as the weekday and start time, when the specified executable should be run with SYSTEM...
buffer-overflow
Buffer Overflow Overview This repository contains educatio...
CVE-2020-36935
KMSpico 17.1.0.0 contains an unquoted service path vulnerability in the Service KMSELDI configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path in C:\Program Files\KMSpico\ServiceKMS.exe to inject malicious executables and...
EUVD-2026-4633
KMSpico 17.1.0.0 contains an unquoted service path vulnerability in the Service KMSELDI configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path in C:\Program Files\KMSpico\ServiceKMS.exe to inject malicious executables and...
PT-2026-4653
KMSpico 17.1.0.0 contains an unquoted service path vulnerability in the Service KMSELDI configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path in C:Program FilesKMSpicoService KMS.exe to inject malicious executables and...
CVE-2022-25369
An issue was discovered in Dynamicweb before 9.12.8. An attacker can add a new administrator user without authentication. This flaw exists due to a logic issue when determining if the setup phases of the product can be run again. Once an attacker is authenticated as the new admin user they have...
CVE-2022-25369
An issue was discovered in Dynamicweb before 9.12.8. An attacker can add a new administrator user without authentication. This flaw exists due to a logic issue when determining if the setup phases of the product can be run again. Once an attacker is authenticated as the new admin user they have...