Genetec Update Service 安全漏洞

The Genetec Update Service is a patch distribution backend component of the American company Genetec. There is a security vulnerability in the Genetec Update Service. This vulnerability stems from the possibility of local administrators leaking information from the configuration page, which could...

SAP NetWeaver 代码问题漏洞

SAP NetWeaver is a service-oriented integrated application platform developed by the German company SAP. This platform primarily provides development and runtime environments for SAP applications. There are code-related vulnerabilities in SAP NetWeaver, particularly those related to deserializati...

PT-2025-39221

Name of the Vulnerable Software and Affected Versions Click Programming Software version v3.60 Description A security issue allows a local user, while an administrator session is active, to steal credentials stored in clear text. The issue involves the cleartext storage of sensitive information a...

CVE-2022-27592

An unquoted search path or element vulnerability has been reported to affect QVR Smart Client. If exploited, the vulnerability could allow local authenticated administrators to execute unauthorized code or commands via unspecified vectors. We have already fixed the vulnerability in the following...

PT-2024-11545 · Qnap · Qvr Smart Client

Name of the Vulnerable Software and Affected Versions: QVR Smart Client versions prior to 2.4.0.0570 Description: An unquoted search path or element issue has been reported, which could allow local authenticated administrators to execute unauthorized code or commands via unspecified vectors...

CVE-2024-32765

A vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow local authenticated administrators to gain access to and execute certain functions via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS...

CVE-2024-32765

A vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow local authenticated administrators to gain access to and execute certain functions via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS...

Design/Logic Flaw

An insufficiently protected credentials vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to gain access to user accounts and access sensitive data used by the user account via unspecified vectors. We have...

CVE-2022-27599

An insertion of sensitive information into Log file vulnerability has been reported to affect product. If exploited, the vulnerability possibly provides local authenticated administrators with an additional, less-protected path to acquiring the information via unspecified vectors. We have already...

CVE-2020-27587

Quick Heal Total Security before 19.0 allows attackers with local admin rights to obtain access to files in the File Vault via a brute-force attack on the password...

CVE-2020-27585

Quick Heal Total Security before 19.0 allows attackers with local admin rights to modify sensitive anti virus settings via a brute-attack on the settings password...

Privilege escalation

Improper privilege assignment vulnerability in the installer McAfee Application and Change Control MACC prior to 8.3.2 allows local administrators to change or update the configuration settings via a carefully constructed MSI configured to mimic the genuine installer. This version adds further...

CVE-2020-16280

Multiple Rangee GmbH RangeeOS 8.0.4 modules store credentials in plaintext including credentials of users for several external facing administrative services, domain joined users, and local administrators. To exploit the vulnerability a local attacker must have access to the underlying operating...

Design/Logic Flaw

Symantec Endpoint Protection SEP, prior to 14.2 RU2 may be susceptible to a password protection bypass vulnerability whereby the secondary layer of password protection could by bypassed for individuals with local administrator rights...

UBUNTU-CVE-2016-7155

hw/scsi/vmwpvscsi.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service out-of-bounds access or infinite loop, and QEMU process crash via a crafted page count for descriptor rings...

CVE-2008-7096

Intel Desktop and Mobile boards BIOS firmware DQ35JO, DQ35MP, DP35DP, DG33FB, DG33BU, DG33TL, MGM965TW, D945GCPE, and DX38BT allow local administrators with Ring 0 privileges to gain additional privileges and modify code running in System Management Mode, or access hypervisor memory, as demonstra...

PT-1999-1448 · Ypserv · Ypserv

Name of the Vulnerable Software and Affected Versions: ypserv affected versions not specified Description: The issue allows local administrators to modify password tables, which could lead to unauthorized access or changes to sensitive information. Recommendations: At the moment, there is no...