OKI sPSV Port Manager 代码问题漏洞

OKI sPSV Port Manager is a network printing management tool developed by OKI Corporation in Japan. It supports the configuration of printing ports, device connections, and the management of printing services. Version 1.0.41 of OKI sPSV Port Manager contains a code vulnerability. This vulnerabilit...

CVE-2025-10549

EfficientLab Controlio before v1.3.95 contains a DLL hijacking vulnerability caused by weak folder permissions in the installation directory. A local attacker can place a specially crafted DLL in this directory and achieve arbitrary code execution with highest privileges, because the affected...

EUVD-2025-209559

EfficientLab Controlio before v1.3.95 contains a DLL hijacking vulnerability caused by weak folder permissions in the installation directory. A local attacker can place a specially crafted DLL in this directory and achieve arbitrary code execution with highest privileges, because the affected...

CVE-2020-36934 Deep Instinct Windows Agent 1.2.24.0 - 'DeepNetworkService' Unquoted Service Path

Deep Instinct Windows Agent 1.2.24.0 contains an unquoted service path vulnerability in the DeepNetworkService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files\HP Sure Sense\DeepNetworkService.exe to inject...

CVE-2021-47868

CVE-2021-47868 affects WIN-PACK PRO 4.8. The WPCommandFileService has an unquoted service path vulnerability that could allow a local attacker to execute code with LocalSystem privileges by exploiting the unquoted path in the service executable (C:\Program Files (x86)\WINPAKPRO\WPCommandFileServi...

CVE-2026-22813 Malicious website can execute commands on the local system through XSS in the OpenCode web UI

OpenCode is an open source AI coding agent. The markdown renderer used for LLM responses will insert arbitrary HTML into the DOM. There is no sanitization with DOMPurify or even a CSP on the web interface to prevent JavaScript execution via HTML injection. This means controlling the LLM response...

CVE-2025-66266

The RupsMon.exe service executable in UPSilon 2000 has insecure permissions, allowing the 'Everyone' group Full Control. A local attacker can replace the executable with a malicious binary to execute code with SYSTEM privileges or simply change the config path of the service to a command; startin...

CVE-2025-13051 Windows service used an uncontrolled search path element will cause unauthorized code execution with localsystem privileges

When the service of ABP and AES is installed in a directory writable by non-administrative users, an attacker can replace or plant a DLL with the same name as one loaded by the service. Upon service restart, the malicious DLL is loaded and executed under the LocalSystem account, resulting in...

CVE-2024-20060

In da, there is a possible escalation of privilege due to an incorrect status check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541749; Issue ID: ALPS08541754...

PT-2024-20119 · Unifier +1 · Unifier +1

Name of the Vulnerable Software and Affected Versions: Unifier and Unifier Cast versions 5.0 or later Description: The issue is related to incorrect default permissions. If exploited, it may allow arbitrary code execution with LocalSystem privilege, potentially leading to the installation of...

CVE-2023-32855

In aee, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07909204; Issue ID: ALPS07909204...

Microsoft Internet Explorer 5/6 - Object Type Validation

source: https://www.securityfocus.com/bid/8456/info The problem occurs when Internet Explorer receives a response from the server when a web page containing an object tag is parsed. Successful exploitation of this vulnerability could allow a malicious object to be trusted and as such be executed ...

Локальная дырка в Windows 2000 - переполнение буфера в Still Image Service

Переполнение буфре в сервисе позволяет выполнение кода с привилегией Local System...