Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-4167

Malware in sbrugna...

7.8CVSS7.6AI score0.00342EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 3:53 p.m.8 views

CVE-2020-11827

In GOG Galaxy 1.2.67, there is a service that is vulnerable to weak file/service permissions: GalaxyClientService.exe. An attacker can put malicious code in a Trojan horse GalaxyClientService.exe. After that, the attacker can re-start this service as an unprivileged user to escalate his/her...

7.8CVSS7.3AI score0.00342EPSS
Exploits0References1
CVE
CVE
added 2024/04/30 12:0 a.m.49 views

CVE-2023-50914

CVE-2023-50914 is a local privilege escalation in GOG Galaxy (Beta) IPC between GalaxyClient.exe and GalaxyClientService.exe. From 2.0.67.2 through 2.0.71.2, an authenticated user can forge IPC packets via FixDirectoryPrivileges, altering the DACL of arbitrary system directories to grant Everyone...

6.7CVSS6.9AI score0.00701EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/04/30 12:0 a.m.17 views

CVE-2023-50915

An issue exists in GalaxyClientService.exe in GOG Galaxy Beta 2.0.67.2 through 2.0.71.2 that could allow authenticated users to overwrite and corrupt critical system files via a combination of an NTFS Junction and an RPC Object Manager symbolic link and could result in a denial of service...

6.6AI score0.00679EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/04/30 12:0 a.m.21 views

CVE-2023-50914

A Privilege Escalation issue in the inter-process communication procedure from GOG Galaxy Beta 2.0.67.2 through v2.0.71.2 allows authentictaed users to change the DACL of arbitrary system directories to include Everyone full control permissions by modifying the FixDirectoryPrivileges instruction...

6.9AI score0.00701EPSS
Exploits1References4
CVE
CVE
added 2020/07/14 5:6 p.m.213 views

CVE-2020-11827

The CVE-2020-11827 entry concerns GOG Galaxy 1.2.67, where GalaxyClientService.exe exposes weak file/service permissions that can be abused to escalate to SYSTEM privileges. According to the sources, an attacker could replace or tamper with the GalaxyClientService.exe and restart the service as a...

7.8CVSS7.7AI score0.00342EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder