Lucene search
+L

8 matches found

EUVD
EUVD
added 2026/07/09 6:25 a.m.7 views

EUVD-2026-42516

Incorrect Permission Assignment in BOSH.Utils.psm1 in BOSH-Ecosystem bosh-windows-stemcell-builder allows low-privilege authenticated users to overwrite C:\bosh\servicewrapper.exe or C:\bosh\bosh-agent.exe and gain NT AUTHORITY\SYSTEM on the next service restart or reboot. This can lead to full...

8.8CVSS7.2AI score0.001EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/29 3:20 p.m.9 views

CVE-2025-13905

CWE-276: Incorrect Default Permissions vulnerability exists that could cause privilege escalation through the reverse shell when one or more executable service binaries are modified in the installation folder by a local user with normal privilege upon service restart...

7CVSS5.9AI score0.00103EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/01/29 3:20 p.m.26 views

CVE-2025-13905

CVE-2025-13905 maps to Schneider Electric EcoStruxure Process Expert (for AVEVA System Platform) with versions prior to 2025 affected. The issue is CWE-276: Incorrect Default Permissions, enabling privilege escalation via a reverse shell when one or more executable service binaries are modified i...

7CVSS5.9AI score0.00103EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/29 3:20 p.m.6 views

EUVD-2025-206546

CWE-276: Incorrect Default Permissions vulnerability exists that could cause privilege escalation through the reverse shell when one or more executable service binaries are modified in the installation folder by a local user with normal privilege upon service restart...

7CVSS5.9AI score0.00103EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.4 views

PT-2026-3177

Name of the Vulnerable Software and Affected Versions Sync Breeze version 13.6.18 Description Sync Breeze version 13.6.18 contains a security issue due to an unquoted service path in its Windows service configuration. This allows local attackers to potentially execute arbitrary code. The issue...

8.5CVSS7.5AI score0.00209EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/05/23 6:25 a.m.9 views

CVE-2024-50590

Attackers with local access to the medical office computer can escalate their Windows user privileges to "NT AUTHORITY\SYSTEM" by overwriting one of two Elefant service binaries with weak permissions. The default installation directory of Elefant is "C:\Elefant1" which is writable for all users. ...

7.8CVSS7AI score0.00189EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/08 12:0 a.m.6 views

HASOMED Elefant 安全漏洞

HASOMED Elefant is an exercise software from the German company HASOMED. It specializes in meeting the needs of psychotherapists, child and adolescent psychotherapists, and medical psychotherapists. A security vulnerability exists in HASOMED Elefant, which arises from the fact that an attacker wi...

7.8CVSS6.4AI score0.00189EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/10/26 12:0 a.m.4 views

OpenClinic GA 安全漏洞

OpenClinic GA is an open source hospital information management system. The system supports financial management, clinical management and laboratory management. A security vulnerability exists in OpenClinic GA, which stems from the fact that by default, the Authenticated Users group has permissio...

9.3CVSS7.7AI score0.01276EPSS
Exploits0References4
Rows per page
Query Builder