CVE-2025-41686

CVE-2025-41686 describes a local privilege escalation in which a low-privileged attacker can exploit improper permissions on nssm.exe to gain administrative access. The CVSS v3.1 vector is LOCAL, with LOW privileges required, no user interaction, and a base score of 7.8 (HIGH). Affected component...

PT-2025-32635 · Nssm.Exe · Nssm.Exe

Name of the Vulnerable Software and Affected Versions: nssm.exe affected versions not specified Description: A local attacker with limited privileges can exploit improper permissions on nssm.exe to escalate privileges and gain administrative access. Recommendations: At the moment, there is no...

Odoo 12.0.20190101 - (nssm.exe) Unquoted Service Path Vulnerability

Exploit Title: Odoo 12.0.20190101 - 'nssm.exe' Unquoted Service Path Exploit Author: 1F98D Vendor Homepage: https://www.odoo.com/ Software Link: https://nightly.odoo.com/12.0/nightly/windows/odoo12.0.20190101.exe Tested Version: 12.0.20190101 Tested on OS: Windows Step to discover Unquoted Servic...

Odoo 12.0.20190101 - 'nssm.exe' Unquoted Service Path

Exploit Title: Odoo 12.0.20190101 - 'nssm.exe' Unquoted Service Path Exploit Author: 1F98D Vendor Homepage: https://www.odoo.com/ Software Link: https://nightly.odoo.com/12.0/nightly/windows/odoo12.0.20190101.exe Tested Version: 12.0.20190101 Tested on OS: Windows Step to discover Unquoted Servic...

CVE-2016-8742

The Windows installer that the Apache CouchDB team provides was vulnerable to local privilege escalation. All files in the install inherit the file permissions of the parent directory and therefore a non-privileged user can substitute any executable for the nssm.exe service launcher, or CouchDB...

Schneider Electric Pelco VideoXpert Privilege Escalation

Schneider Electric Pelco VideoXpert Privilege Escalations Vendor: Schneider Electric SE Product web page: https://www.pelco.com Affected version: Core Software 1.12.105 Media Gateway Software 1.12.26 Exports 1.12 Summary: VideoXpert is a video management solution designed for scalability, fitting...