Hardcoded credentials

Secdo tries to execute a script at a hardcoded path if present, which allows a local authenticated user with 'create folders or append data' access to the root of the OS disk C:\ to gain system privileges if the path does not already exist or is writable. This issue affects all versions of Secdo...

CVE-2020-1986 Secdo: Local authenticated users can cause Windows system crash

Improper input validation vulnerability in Secdo allows an authenticated local user with 'create folders or append data' access to the root of the OS disk C:\ to cause a system crash on every login. This issue affects all versions Secdo for Windows...

CVE-2020-1988

The issue is an unquoted search path privilege-escalation in Windows releases of Palo Alto GlobalProtect App/Agent. A local, authenticated user who can create files at the root of C:\ or in Program Files could gain SYSTEM privileges. Affected versions: GlobalProtect Agent 5.0.x before 5.0.5 and 4...

Secdo: Privilege escalation via hardcoded script path

Secdo tries to execute a script at a hardcoded path if present, which allows a local authenticated user with 'create folders or append data' access to the root of the OS disk C:\ to gain system privileges if the path does not already exist or is writable. This issue affects all versions of Secdo...

CVE-2010-1140

The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 and VMware Player 3.0 before 3.0.1 build 227600 on Windows might allow host OS users to gain privileges by placing a Trojan horse program at an unspecified location on the host OS disk...