30 matches found
PT-2026-43021
Name of the Vulnerable Software and Affected Versions Acer Care Center affected versions not specified Description The ACCSvc service creates a Named Pipe with a weak Security Descriptor. This allows an authenticated local user to connect and send a specially crafted message of type 0x03 to the...
PT-2025-44963
Name of the Vulnerable Software and Affected Versions Everything affected versions not specified Description The service used by Everything, running with SYSTEM privileges, communicates with the Everything GUI using a named pipe. This named pipe has a NULL Discretionary Access Control List DACL,...
EUVD-2020-5444
Malware in sbrugna...
EUVD-2008-1369
Malware in sbrugna...
EUVD-2010-1925
Malware in sbrugna...
EUVD-2018-18083
Malware in sbrugna...
EUVD-2018-17946
Malware in sbrugna...
EUVD-2019-9342
Malware in sbrugna...
EUVD-2025-14480
Malicious code in bioql PyPI...
CVE-2013-10046
A local privilege escalation vulnerability exists in Agnitum Outpost Internet Security 8.1 that allows an unprivileged user to execute arbitrary code with SYSTEM privileges. The flaw resides in the acs.exe component, which exposes a named pipe that accepts unauthenticated commands. By exploiting ...
CVE-2013-10046
Agnitum Outpost Internet Security 8.1 contains a local privilege escalation in the acs.exe component. The issue arises from a directory traversal flaw in a named pipe that accepts unauthenticated commands, allowing an unprivileged user to load a malicious DLL from a user-controlled location and e...
CVE-2013-10046 Agnitum Outpost Internet Security Local Privilege Escalation
A local privilege escalation vulnerability exists in Agnitum Outpost Internet Security 8.1 that allows an unprivileged user to execute arbitrary code with SYSTEM privileges. The flaw resides in the acs.exe component, which exposes a named pipe that accepts unauthenticated commands. By exploiting ...
Exploit for Improper Access Control in Fortinet Forticlient
CVE-2024-40586 Windows Coerced Authentication in FortiClient...
CVE-2025-5491
Affected product: Acer ControlCenter (Windows). The CVE-2025-5491 entry describes a Remote Code Execution via a misconfigured Windows Named Pipe that uses a custom protocol to invoke internal functions, allowing low-privilege remote users to execute arbitrary code as NT AUTHORITY\SYSTEM and thus ...
CVE-2023-26238
An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to enable or disable defensive capabilities by sending a crafted message to a named pipe...
Code injection
Initialization of the pcoipcredentialprovider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphics Agent for Windows versions 19.11.1 and earlier creates an insecure named pipe, which allows an attacker to intercept sensitive information or possibly elevate privileges via pre-installin...
CVE-2018-6322
Panda Global Protection 17.0.1 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of .\pipe\PSANMSrvcPpal -- an "insecurely created named pipe." Ensures full access to Everyone users group...
CVE-2018-6400
Kingsoft WPS Office Free 10.2.0.5978 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of \.\pipe\WPSCloudSvr\WpsCloudSvr -- an "insecurely created named pipe." Ensures full access to Everyone users group...
CVE-2018-6400
CVE-2018-6400 affects Kingsoft WPS Office Free 10.2.0.5978. The vulnerability arises from an insecurely created named pipe, \.\pipe\WPSCloudSvr\WpsCloudSvr, which can be impersonated to obtain full access via a NULL DACL. This enables local privilege escalation or denial of service by a low-privi...
SUSE-SU-2016:1028-1 Security update for samba
samba was updated to fix seven security issues. These security issues were fixed: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks bsc936862. - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication bsc973031. - CVE-2016-2111: Domain...