CVE-2026-5141

Improper Privilege Management, Improper Access Control, Incorrect privilege assignment vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center allows Hijacking a privileged process. This issue affects Pardus Software Center: from 1.0.2 before 1.0.3...

TÜBİTAK BİLGEM Pardus Software Center 安全漏洞

TÜBİTAK BİLGEM Pardus Software Center is an application store platform provided by TÜBİTAK BİLGEM in Turkey, which offers functions for software browsing, installation, and management of updates. Versions 1.0.2 to 1.0.3 of TÜBİTAK BİLGEM Pardus Software Center contained security vulnerabilities...

CVE-2025-65396

A vulnerability in the boot process of Blurams Flare Camera version 24.1114.151.929 and earlier allows a physically proximate attacker to hijack the boot mechanism and gain a bootloader shell via the UART interface. This is achieved by inducing a read error from the SPI flash memory during the...

CVE-2025-64995 Privilege Escalation via Process Hijacking in 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction

A privilege escalation vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction prior V3.4. Improper protection of the execution path on the local device allows attackers, with local access to the devic...

CVE-2025-9067

A security issue exists within the x86 Microsoft Installer File MSI, installed with FTLinx. Authenticated attackers with valid Windows user credentials can initiate a repair and hijack the resulting console window. This allows the launching of a command prompt running with SYSTEM-level privileges...

Tenable Security Center Multiple Vulnerabilities (TNS-2025-20)

According to its self-reported version, the Tenable Security Center running on the remote host is version 6.6.0. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2025-20 advisory. - Symphony process is a module for the Symphony PHP framework which executes commands ...

CVE-2024-41953

ZITAdel ( Zitadel ) has a vulnerability (CVE-2024-41953) due to improper HTML sanitization in emails and Console UI. The issue allows untrusted user- or admin-provided content (such as usernames and email body content) to include HTML/JS that could render in emails and user pages. Impact describe...

CVE-2021-33636 Load malicious images may cause process to be hijacked

When the isula load command is used to load malicious images, attackers can execute arbitrary code...

CVE-2021-33635 Pull malicious images may cause process to be hijacked

When malicious images are pulled by isula pull, attackers can execute arbitrary code...

Chinese Researchers Disrupt Malware Attack That Infected Thousands of PCs

Chinese security firm Qihoo 360 Netlab said it partnered with tech giant Baidu to disrupt a malware botnet infecting over hundreds of thousands of systems. The botnet was traced back to a group it calls ShuangQiang also called Double Gun, which has been behind several attacks since 2017 aimed at...

Enigma Fileless UAC Bypass Exploit

This Metasploit module is an implementation of fileless uac bypass using cmd.exe instead of powershell.exe OJ msf module. This module will create the required registry entry in the current user's hive, set the default value to whatever you pass via the EXECCOMMAND parameter, and runs eventvwr.exe...

Privilege escalation

The WebSphere MQ XA 5.3 before FP13 and 6.0.x before 6.0.2.1 client for Windows, when running in an MTS or a COM+ environment, grants the PROCESSDUPHANDLE privilege to the Everyone group upon connection to a queue manager, which allows local users to duplicate an arbitrary handle and possibly...

CVE-2007-6705

The WebSphere MQ XA 5.3 before FP13 and 6.0.x before 6.0.2.1 client for Windows, when running in an MTS or a COM+ environment, grants the PROCESSDUPHANDLE privilege to the Everyone group upon connection to a queue manager, which allows local users to duplicate an arbitrary handle and possibly...

CVE-2007-6705

The WebSphere MQ XA 5.3 before FP13 and 6.0.x before 6.0.2.1 client for Windows, when running in an MTS or a COM+ environment, grants the PROCESSDUPHANDLE privilege to the Everyone group upon connection to a queue manager, which allows local users to duplicate an arbitrary handle and possibly...