CVE-2026-42171

NSIS Nullsoft Scriptable Install System 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges if they can cause myGetTempFileName to return 0, as shown in the references...

EUVD-2025-25691

Malicious code in bioql PyPI...

CVE-2025-34193

Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 25.1.102 and Application versions prior to 25.1.1413 include Windows client components PrinterInstallerClientInterface.exe, PrinterInstallerClient.exe, PrinterInstallerClientLauncher.exe that lack modern compile-time and...

CVE-2025-57699

Western Digital Kitfox for Windows provided by Western Digital Corporation registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with the SYSTEM privilege...

CVE-2023-28122

A local privilege escalation LPE vulnerability in UI Desktop for Windows Version 0.59.1.71 and earlier allows a malicious actor with local access to a Windows device running said application to submit arbitrary commands as SYSTEM.This vulnerability is fixed in Version 0.62.3 and later...

PT-2024-37491 · Malwarebytes · Malwarebytes Antimalware

Name of the Vulnerable Software and Affected Versions: Malwarebytes Antimalware affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations of Malwarebytes Antimalware. An attacker must first obtain the ability to execute...

Palo Alto Networks Cortex XDR Agent 代码问题漏洞

Palo Alto Networks Cortex XDR Agent is a client software for checking the security of client devices from Palo Alto Networks Malaysia. A security vulnerability exists in Palo Alto Networks Cortex XDR Agent that originates from improper control of user control files. The vulnerability can be...