CVE-2026-9789

A Local Privilege Escalation LPE vulnerability affects Acer NitroSense software versions prior to 3.01.3052. The vulnerability stems from the the PSAdminAgent service, which creates a Named Pipe with a weak Access Control List ACL. This allows any authenticated local user to connect and send...

Nomios GREENmod 安全漏洞

Nomios GREENmod is an industrial control system developed by the Polish company Nomios, designed for monitoring and managing energy and power infrastructure. Nomios GREENmod has a security vulnerability, which stems from incorrect configuration of the name pipe access control list, potentially...

CVE-2025-67826

An issue was discovered in K7 Ultimate Security 17.0.2045. A Local Privilege Escalation LPE vulnerability in the K7 Ultimate Security antivirus can be exploited by a local unprivileged user on default installations of the product. Insecure access to a named pipe allows unprivileged users to edit...

EUVD-2015-8669

Malware in sbrugna...

EUVD-2015-7763

Malware in sbrugna...

CVE-2024-42049

TightVNC Server for Windows before 2.8.84 allows attackers to connect to the control pipe via a network connection...

CVE-2025-4660

CVE-2025-4660 affects Forescout SecureConnector Windows agent. The issue arises from improper access controls on a named pipe (the FS SC UNINSTALL PIPE), which is accessible to Everyone and does not restrict remote connections, enabling network-based redirects of the SecureConnector agent to a ro...

CVE-2025-4660 Remote Code Execution in Windows Secure Connector/ HPS Inspection Engine via Insecure Named Pipe Access

A remote code execution vulnerability exists in the Windows agent component of SecureConnector due to improper access controls on a named pipe. The pipe is accessible to the Everyone group and does not restrict remote connections, allowing any network-based attacker to connect without...

SUSE CVE-2024-24974

The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to interact with the privileged OpenVPN interactive service...

PT-2025-14766 · Openvpn +1 · Openvpn +1

Name of the Vulnerable Software and Affected Versions: OpenVPN versions 2.4.0 through 2.6.10 Description: The issue allows an external, lesser privileged process to create a named pipe which the OpenVPN GUI component would connect to, enabling it to escalate its privileges. Recommendations: For...

CVE-2023-31019

NVIDIA GPU Display Driver for Windows contains a vulnerability in wksServicePlugin.dll, where the driver implementation does not restrict or incorrectly restricts access from the named pipe server to a connecting client, which may lead to potential impersonation to the client's secure context...

CVE-2022-22141

'Long-term Data Archive Package' service implemented in the following Yokogawa Electric products creates some named pipe with imporper ACL configuration. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 t...

Windows SMB PsImpersonateClient null token vulnerability

Added: 07/13/2017 CVE: CVE-2017-0144 BID: 96704 Background Server Message Block SMB is the protocol used by Microsoft Windows computers to communicate over a network. Problem A remote attacker can execute arbitrary commands with SYSTEM privileges by overwriting the token to a null value and forci...

CVE-2015-8800

Symantec Embedded Security: Critical System Protection SES:CSP 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices SES:CSP 6.5.0 before MP1, Critical System Protection SCSP before 5.2.9 MP6, Data Center Security: Server Advanced Server DCS:SA 6.x before...