CVE-2020-37059

Popcorn Time 6.2.1.14 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can insert malicious executables in Program Files x86 or system root directories to be executed with SYSTEM-level...

EUVD-2020-30954

Atomic Alarm Clock 6.3 contains a local privilege escalation vulnerability in its service configuration that allows attackers to execute arbitrary code with SYSTEM privileges. Attackers can exploit the unquoted service path by placing a malicious executable named 'Program.exe' to gain persistent...

CVE-2020-37060 Atomic Alarm Clock x86 6.3 - 'AtomicAlarmClock' Unquoted Service Path

Atomic Alarm Clock 6.3 contains a local privilege escalation vulnerability in its service configuration that allows attackers to execute arbitrary code with SYSTEM privileges. Attackers can exploit the unquoted service path by placing a malicious executable named 'Program.exe' to gain persistent...

EUVD-2020-30955

Popcorn Time 6.2.1.14 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can insert malicious executables in Program Files x86 or system root directories to be executed with SYSTEM-level...

CVE-2020-37060

Atomic Alarm Clock 6.3 contains a local privilege escalation vulnerability in its service configuration that allows attackers to execute arbitrary code with SYSTEM privileges. Attackers can exploit the unquoted service path by placing a malicious executable named 'Program.exe' to gain persistent...

CVE-2020-37060

Atomic Alarm Clock 6.3 is affected by a local privilege escalation due to an unquoted service path in its service configuration, enabling an attacker to execute arbitrary code with SYSTEM privileges by placing a malicious Program.exe. The issue allows persistent, system‑level access. Public refer...

RHSA-2026:1586 Red Hat Security Advisory: gimp security update

Bulletin has no description...

PT-2026-5420

Popcorn Time 6.2.1.14 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can insert malicious executables in Program Files x86 or system root directories to be executed with SYSTEM-level...

CVE-2026-24413 Icinga has insecure permission of %ProgramData%\icinga2\var on Windows

Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.14, 2.14.8, and 2.15.2, the Icinga 2 MSI did not set appropriate permissions for the %ProgramData%\icinga2\var folder on Windows. This resulted in the its contents - including the private key of the...

RHEL 8 : gimp:2.8 (RHSA-2026:1574)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1574 advisory. The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including...

Important: Red Hat Security Advisory: gimp security update

An update for gimp is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

CVE-2020-36987

Program Access Controller 1.2.0.0 contains an unquoted service path vulnerability in PACService.exe that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path during system startup or reboot to inject and run malicious executables with LocalSyste...

CVE-2020-36987 Program Access Controller v1.2.0.0 - 'PACService.exe' Unquoted Service Path

Program Access Controller 1.2.0.0 contains an unquoted service path vulnerability in PACService.exe that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path during system startup or reboot to inject and run malicious executables with LocalSyste...

CVE-2020-36987

CVE-2020-36987 affects Program Access Controller 1.2.0.0. The unquoted service path vulnerability is in PACService.exe and can be triggered during system startup or reboot to inject and run malicious executables with LocalSystem privileges. Root cause: unquoted service path allowing privilege esc...

Gear Box Computers Program Access Controller code-related vulnerabilities

Gear Box Computers Program Access Controller is a program access controller developed by Gear Box Computers. Version 1.2.0.0 of the Gear Box Computers Program Access Controller contains a code vulnerability. This vulnerability stems from the PACService.exe file having a service path that is not...

CVE-2025-28162

Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngimage with AddressSanitizer ASan, the program leaks memory in various locations, eventually leading to high memory usage and causing the program to become unresponsive...

CVE-2026-24822

Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in ttttupup wxhelper src modules. This vulnerability is associated with program files mongoose.C. This issue affects wxhelper: through 3.9.10.19-v1...

EUVD-2026-4842

Multiple Buffer Overflows in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to cause a program crash and potential remote code execution...

CVE-2026-24344

The CVE-2026-24344 entry describes multiple buffer overflows in the EZCast Pro II Admin UI, affecting version 1.17478.146. The root cause per the documents is buffer overflow conditions in the Admin UI, enabling a crash and potentially remote code execution. No detailed exploit vectors, affected ...

CVE-2026-24825

Missing Release of Memory after Effective Lifetime vulnerability in ydb-platform ydb contrib/libs/yajl modules. This vulnerability is associated with program files yailtree.C. This issue affects ydb: through 24.4.4.2...