Windows StateRepository API Server file Elevation of Privilege Vulnerability

Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally...

PT-2025-32796

Name of the Vulnerable Software and Affected Versions Windows Installer versions affected versions not specified Description A weak authentication issue in Windows Installer allows an authorized attacker to elevate privileges locally. The vulnerability is related to an authentication bypass. A...

KLA86584 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, spoof user interface, cause denial of service. Below is a complete list of vulnerabilitie...

KLA86589 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. A denial of service...

Microsoft Windows Installer 安全漏洞

Microsoft Windows Installer is a component of the Windows operating system from Microsoft Corporation USA. It provides a standard basis for installing and uninstalling software. A security vulnerability exists in Microsoft Windows Installer. An attacker could exploit the vulnerability to elevate...

Intel Xeon 6 Processor 安全特征问题漏洞

Intel Xeon 6 Processor is a family of chips from Intel Corporation USA. A security signature issue vulnerability exists in Intel Xeon 6 Processor that stems from an improperly implemented security check that could lead to elevation of privilege...

Intel AI Playground 安全漏洞

Intel AI Playground is an open source application based on AI acceleration technology launched by Intel, which is mainly used to simplify the threshold of AI development, supporting features such as image generation, enhancement and chatbots. Intel AI Playground suffers from a privilege improprie...

Intel PCIe Switch 访问控制错误漏洞

The Intel PCIe Switch is a class of devices from Intel Corporation USA used to extend and manage PCIe bus connectivity. An access control error vulnerability exists in Intel PCIe Switch versions prior to MR41.0b1, which stems from improper access control and could lead to elevation of privilege...

Intel 800 Series Ethernet 安全漏洞

Intel 800 Series Ethernet is a new generation of high-speed Ethernet technology from Intel that supports 25GbE and 100GbE speeds and is backward compatible with 10GbE. An elevation of privilege vulnerability exists in Intel 800 Series Ethernet, which stems from insufficient control flow managemen...

Intel Xeon 6 Scalable processors 安全漏洞

Intel Xeon 6 Scalable processors is a processor from Intel Corporation USA. A security vulnerability exists in Intel Xeon 6 Scalable processors that stems from insufficient access control granularity, which could lead to elevation of privilege...

Intel Clock Jitter Tool 代码问题漏洞

Intel Clock Jitter Tool is a clock jitter analysis tool developed by Intel based on mathematical physics methodology. Intel Clock Jitter Tool suffers from an elevation of privilege vulnerability that stems from an uncontrolled search path, which can be exploited by an attacker to cause an elevati...

Intel Xeon Processor 缓冲区错误漏洞

Intel Xeon Processors is a family of processors launched by Intel for the enterprise-class server, workstation, and high-performance computing HPC markets, mainly serving data centers, cloud computing, artificial intelligence, and other areas. Intel Xeon Processors is vulnerable to an elevation o...

Intel oneAPI Toolkits 代码问题漏洞

Intel oneAPI Toolkits is a set of core tools and libraries from Intel Corporation USA. It is used to develop high-performance, data-centric applications across different architectures. A code issue vulnerability exists in Intel oneAPI Toolkits that stems from an uncontrolled search path that coul...

Siemens SIMATIC RTLS Locating Manager 安全漏洞

Siemens SIMATIC RTLS Locating Manager is an RTLS locating manager from Siemens, Germany. A security vulnerability exists in Siemens SIMATIC RTLS Locating Manager versions prior to V3.3, which stems from improperly protected credentials and could result in elevated privileges...

PT-2025-32772

Name of the Vulnerable Software and Affected Versions: SQL Server affected versions not specified Description: The improper neutralization of special elements used in an SQL command 'SQL injection' in SQL Server allows an authorized attacker to elevate privileges over a network. Recommendations: ...

KB5063889: Windows 10 LTS 1507 Security Update (August 2025)

The remote Windows host is missing security update 5063889. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. CVE-2025-53766 - Concurrent execution using shared resource with improper...

GO-2025-3857 OpenBao Root Namespace Operator May Elevate Token Privileges in github.com/openbao/openbao

OpenBao Root Namespace Operator May Elevate Token Privileges in github.com/openbao/openbao. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability...

Linux Distros Unpatched Vulnerability : CVE-2017-13168

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An elevation of privilege vulnerability in the kernel scsi driver. Product: Android. Versions: Android kernel. Android ID A-65023233. CVE-2017-13168 Note that...

Microsoft Azure Open AI 代码问题漏洞

Microsoft Azure Open AI is an artificial intelligence service from Microsoft Corporation USA. A code issue vulnerability exists in Microsoft Azure Open AI. An attacker can elevate privileges by exploiting the vulnerability...

Lighthouse data GPMAW 14 安全漏洞

Lighthouse data GPMAW 14 is a program for detailed analysis of the primary structure of proteins and peptides from Lighthouse data, Denmark. A security vulnerability exists in the Lighthouse data GPMAW 14 version that stems from insecure file permissions that could lead to elevated privileges...