CVE-2026-29089

TimescaleDB (Postgres extension) contains a vulnerability in the upgrade path where PostgreSQL’s untrusted search_path can be abused. From versions 2.23.0–2.25.1 , if the search_path includes user-writable schemas, a malicious user could create functions shadowing builtin Postgres functions, caus...

Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426)

This host is missing a critical security update according to Microsoft Bulletin MS09-015. OpenVAS Vulnerability Test $Id: secpodms09-015.nasl 5934 2017-04-11 12:28:28Z antu123 $ Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege 959426 Authors: Nikita MR Updated By:...

MS09-015: Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426)

A vulnerability in the way the Windows SearchPath function locates and opens files on the remote host could allow an attacker to execute arbitrary remote code if he can trick a user into downloading a specially crafted file into a specific location, such as the Windows Desktop. C Tenable Network...

Microsoft Security Bulletin MS09-015 – Moderate Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426)

Microsoft Security Bulletin MS09-015 – Moderate Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege 959426 Published: April 14, 2009 Version: 1.0 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in the Windows...

Privilege escalation

Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into the 1 Desktop directory on Windows or 2 Downloads directory on Mac OS X, and subsequently allows...

CVE-2008-2540

Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into the 1 Desktop directory on Windows or 2 Downloads directory on Mac OS X, and subsequently allows...

CVE-2008-2540

CVE-2008-2540 involves Safari on macOS and Safari/IE on Windows where downloading an object with an unrecognized content type can place malware in user directories and, via an untrusted search path, lead to remote code execution on Windows (Carpet Bomb / Blended Threat). Connected docs confirm th...

Kaspersky AntiVirus - klif.sys Local Privilege Escalation

Kaspersky AntiVirus - klif.sys Local Privilege Escalation / Added NOSTRICT to 1 on line 2 /str0ke ! milw0rm.com / define NOSTRICT 1 include undef STRICT PUCHAR pCodeBase=PUCHAR0xBE9372C0; PDWORD pJmpAddress=PDWORD0xBE9372B0; PUCHAR pKAVRets=PUCHAR0xBE935087,PUCHAR0xBE935046; PUCHAR pKAVRet;...

Kaspersky AntiVirus ""klif.sys"" Privilege Escalation Vulnerability

No description provided by source. / Added NOSTRICT to 1 on line 2 /str0ke ! milw0rm.com / define NOSTRICT 1 include windows.h undef STRICT PUCHAR pCodeBase=PUCHAR0xBE9372C0; PDWORD pJmpAddress=PDWORD0xBE9372B0; PUCHAR pKAVRets=PUCHAR0xBE935087,PUCHAR0xBE935046; PUCHAR pKAVRet; unsigned char...