McAfee Agent Command Injection Vulnerability

The McAfee McAfee Agent MA is a set of client components from McAfee, Inc. that provides secure communications between ePolicy Orchestrator the antivirus management platform and managed products. A security vulnerability exists in the McAfee Agent that originates from allowing a local user to...

Microsoft Windows CryptoAPI Spoofing Vulnerability

Microsoft Windows CryptoAPI Crypt32.dll contains a spoofing vulnerability in the way it validates Elliptic Curve Cryptography ECC certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was fro...

CVE-2021-34692

iDrive RemotePC before 7.6.48 on Windows allows privilege escalation. A local and low-privileged user can force RemotePC to execute an attacker-controlled executable with SYSTEM privileges...

CVE-2020-6790 Uncontrolled Search Path Element in Bosch Video Streaming Gateway Installer

Calling an executable through an Uncontrolled Search Path Element in the Bosch Video Streaming Gateway installer up to and including version 6.45.10 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious...

CVE-2020-26233

GCM Core on Windows is affected by CVE-2020-26233 prior to 2.0.289. When recursively cloning a repo with submodules, Git Credential Manager Core may start a malicious git.exe in the top-level repository instead of the PATH git when reading configuration, potentially enabling code execution. The i...

Arbitrary Code Execution

gdb is vulnerable to arbitrary code execution. An integer overflow in the stringappends function in cplus-dem.c allows remote attackers to execute arbitrary code via a malicious executable...

CVE-2020-7381

In Rapid7 Nexpose installer versions prior to 6.6.40, the Nexpose installer calls an executable which can be placed in the appropriate directory by an attacker with access to the local machine. This would prevent the installer from distinguishing between a valid executable called during a Securit...

gfe-sass downloads Resources over HTTP

Affected versions of gfe-sass insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the syste...

GHSA-J9Q7-3RHF-4PPV windows-selenium-chromedriver downloads Resources over HTTP

Affected versions of windows-selenium-chromedriver insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code...

CVE-2020-22721

A File Upload Vulnerability in PNotes - Andrey Gruber PNotes.NET v3.8.1.2 allows a local attacker to execute arbitrary code via the Miscellaneous " External Programs by uploading the malicious .exe file to the external program...

CVE-2020-22722

Rapid Software LLC Rapid SCADA 5.8.0 is affected by a local privilege escalation vulnerability in the ScadaAgentSvc.exe executable file. An attacker can obtain admin privileges by placing a malicious .exe file in the application and renaming it ScadaAgentSvc.exe, which would result in executing t...

Command Execution Vulnerability in Media Mate

Media Mate is a media center similar to Plex. Media Mate has a command execution vulnerability that can be exploited by an attacker to execute a malicious exe file...

CVE-2020-9047

A vulnerability exists that could allow the execution of unauthorized code or operating system commands on systems running exacqVision Web Service versions 20.06.3.0 and prior and exacqVision Enterprise Manager versions 20.06.4.0 and prior. An attacker with administrative privileges could...

SolarWinds Advanced Monitoring Agent Elevation of Privilege Vulnerability

SolarWinds Advanced Monitoring Agent is a set of monitoring agent software from SolarWinds Inc. in the United States. The software is mainly used for remote monitoring and management of servers and so on. A security vulnerability exists in SolarWinds Advanced Monitoring Agent versions prior to...

CVE-2020-12828

An issue was discovered in AnchorFree VPN SDK before 1.3.3.218. The VPN SDK service takes certain executable locations over a socket bound to localhost. Binding to the socket and providing a path where a malicious executable file resides leads to executing the malicious executable file with SYSTE...

CVE-2020-12828

An issue was discovered in AnchorFree VPN SDK before 1.3.3.218. The VPN SDK service takes certain executable locations over a socket bound to localhost. Binding to the socket and providing a path where a malicious executable file resides leads to executing the malicious executable file with SYSTE...

CVE-2020-5569

An unquoted search path vulnerability exists in HDD Password tool for Windows version 1.20.6620 and earlier which is stored in CANVIO PREMIUM 3TBHD-MB30TY, HD-MA30TY, HD-MB30TS, HD-MA30TS, CANVIO PREMIUM 2TBHD-MB20TY, HD-MA20TY, HD-MB20TS, HD-MA20TS, CANVIO PREMIUM 1TBHD-MB10TY, HD-MA10TY,...

Design/Logic Flaw

An unquoted search path vulnerability exists in HDD Password tool for Windows version 1.20.6620 and earlier which is stored in CANVIO PREMIUM 3TBHD-MB30TY, HD-MA30TY, HD-MB30TS, HD-MA30TS, CANVIO PREMIUM 2TBHD-MB20TY, HD-MA20TY, HD-MB20TS, HD-MA20TS, CANVIO PREMIUM 1TBHD-MB10TY, HD-MA10TY,...

Microsoft Windows Unquoted Service Path Privilege Escalation Exploit

This Metasploit module exploits a logic flaw due to how the lpApplicationName parameter is handled. When the lpApplicationName contains a space, the file name is ambiguous. Take this file path as example: C:\program files\hello.exe; The Windows API will try to interpret this as two possible paths...

Windows Unquoted Service Path Privilege Escalation

This module exploits a logic flaw due to how the lpApplicationName parameter is handled. When the lpApplicationName contains a space, the file name is ambiguous. Take this file path as example: C:\program files\hello.exe; The Windows API will try to interpret this as two possible paths:...