CVE-2016-20033

Wowza Streaming Engine 4.5.0 contains a local privilege escalation vulnerability that allows authenticated users to escalate privileges by replacing executable files due to improper file permissions granting full access to the Everyone group. Attackers can replace the nssmx64.exe binary in the...

PT-2026-25731

Wowza Streaming Engine 4.5.0 contains a local privilege escalation vulnerability that allows authenticated users to escalate privileges by replacing executable files due to improper file permissions granting full access to the Everyone group. Attackers can replace the nssm x64.exe binary in the...

EUVD-2025-24230

Malicious code in bioql PyPI...

CVE-2025-41686

A low-privileged local attacker can exploit improper permissions on nssm.exe to escalate their privileges and gain administrative access...

CVE-2025-41686 Improper File Permissions Allow Local Privilege Escalation

A low-privileged local attacker can exploit improper permissions on nssm.exe to escalate their privileges and gain administrative access...

PHOENIX CONTACT DaUM 访问控制错误漏洞

Phoenix Contact DaUM is a device management software from Phoenix Contact, Germany. An access control error vulnerability exists in PHOENIX CONTACT DaUM that stems from improper permissions on nssm.exe, which could lead to elevated privileges...

📄 Microsoft AutoUpdate Privilege Escalation

Microsoft AutoUpdate MAU suffers from a privilege escalation vulnerability. Titles: CVE-2025-47968-Core-Logic Microsoft AutoUpdate MAU Elevation of Privilege Vulnerability Author: nu11secur1ty Date: 07/03/2025 Vendor: https://www.microsoft.com/en-us Software:...

CVE-2024-51448

IBM Robotic Process Automation 21.0.0 through 21.0.7.17 and 23.0.0 through 23.0.18 could allow a local user to escalate their privileges. All files in the install inherit the file permissions of the parent directory and therefore a non-privileged user can substitute any executable for the nssm.ex...

CVE-2024-51448

IBM Robotic Process Automation 21.0.0 through 21.0.7.17 and 23.0.0 through 23.0.18 could allow a local user to escalate their privileges. All files in the install inherit the file permissions of the parent directory and therefore a non-privileged user can substitute any executable for the nssm.ex...

PT-2024-10276 · Ibm · Ibm Robotic Process Automation

Name of the Vulnerable Software and Affected Versions: IBM Robotic Process Automation versions 21.0.0 through 21.0.7.17 IBM Robotic Process Automation versions 23.0.0 through 23.0.18 Description: The issue is related to errors in inherited permissions. It could allow a local user to escalate thei...

Analysis of the Crypt Ghouls group: continuing the investigation into a series of attacks on Russia

Last December, we discovered a new group targeting Russian businesses and government agencies with ransomware. Further investigation into this group's activity suggests a connection to other groups currently targeting Russia. We have seen overlaps not only in indicators of compromise and tools, b...

Security Bulletin: BladeCenter SAS RAID Module (RSSM) are affected by two vulnerabilities (CVE-2014-3018, CVE-2014-3019)

Summary Two vulnerabilities affect BladeCenter SAS RAID Module. Vulnerability Details Abstract Two vulnerabilities affect BladeCenter SAS RAID Module. Content Vulnerability Details: CVE-ID: CVE-2014-3018 Description: IBM SAS Connectivity Module NSSM and SAS RAID Module RSSM contain a denial of...

Security Bulletin: BladeCenter SAS Connectivity Module (NSSM) are affected by two vulnerabilities (CVE-2014-3018, CVE-2014-3019)

Summary Two vulnerabilities affect BladeCenter SAS Connectivity Module Vulnerability Details Abstract Two vulnerabilities affect BladeCenter SAS Connectivity Module Content Vulnerability Details: CVE-ID: CVE-2014-3018 Description: IBM SAS Connectivity Module NSSM contain a denial of service when ...

Wowza Streaming Engine 4.5.0 - Privilege Escalation (1)

Exploit for windows platform in category local exploits Wowza Streaming Engine 4.5.0 Local Privilege Escalation Vendor: Wowza Media Systems, LLC. Product web page: https://www.wowza.com Affected version: Wowza Streaming Engine 4.5.0 build 18676 Wowza Streaming Engine Manager 4.5.0 build 18676...

CVE-2014-3019

IBM BladeCenter SAS Connectivity Module aka NSSM and SAS RAID Module aka RSSM before 1.3.3.006 allow remote attackers to obtain blade and storage-pool access via a TELNET session...

CVE-2014-3018

IBM BladeCenter SAS Connectivity Module aka NSSM and SAS RAID Module aka RSSM before 1.3.3.006 allow remote attackers to cause a denial of service reboot via a flood of IP packets...

CVE-2014-3019

CVE-2014-3019 affects IBM BladeCenter SAS Connectivity Module (NSSM) and SAS RAID Module (RSSM). The issue is an unauthenticated Telnet service that could allow a remote attacker to access blade and storage-pool functions. Affected versions are NSSM/RSSM prior to 1.3.3.006 (and RSSM earlier 1.3.3...