42 matches found
CVE-1999-0886
The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager...
CVE-2025-27060
Memory corruption while performing SCM call with malformed inputs...
EUVD-2000-0732
Malware in sbrugna...
EUVD-2013-3794
Malware in sbrugna...
EUVD-2015-1832
Malware in sbrugna...
CVE-2025-54081 SunshineService Has Unquoted Service Path That Allows Local SYSTEM Code Execution
Sunshine is a self-hosted game stream host for Moonlight. Prior to version 2025.923.33222, the Windows service SunshineService is installed with an unquoted executable path. If Sunshine is installed in a directory whose name includes a space, the Service Control Manager SCM interprets the path...
Windows 11 22h2 - Kernel Privilege Elevation
// Exploit Title: Windows 11 22h2 - Kernel Privilege Elevation // Date: 2023-06-20 // country: Iran // Exploit Author: Amirhossein Bahramizadeh // Category : webapps // Vendor Homepage: // Tested on: Windows/Linux // CVE : CVE-2023-28293 include include // The vulnerable driver file name const ch...
Persistence – Service Control Manager
The service control manager SCM is responsible to start and stop services in windows environments including device drivers and start up applications. Microsoft introduced in… Continue reading - Persistence - Service Control Manager...
Persistence – Service Control Manager
The service control manager SCM is responsible to start and stop services in windows environments including device drivers and start up applications. Microsoft introduced in… Continue reading - Persistence - Service Control Manager...
Phant0m - Windows Event Log Killer
Svchost is essential in the implementation of so-called shared service processes, where a number of services can share a process in order to reduce resource consumption. Grouping multiple services into a single process conserves computing resources, and this consideration was of particular concer...
The vulnerability of the Service Control Manager (SCM) component in the Android operating system allows a hacker to bypass certificate verification.
The vulnerability of the Service Control Manager SCM component in the Android operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to bypass certificate verification...
MS15-050: Vulnerability in Service Control Manager could allow elevation of privilege: May 12, 2015
MS15-050: Vulnerability in Service Control Manager could allow elevation of privilege: May 12, 2015 Summary This security update resolves a vulnerability in Windows Service Control Manager SCM. This vulnerability is caused when SCM incorrectly verifies impersonation levels. The vulnerability coul...
Microsoft Windows Service Control Manager Elevation of Privilege Vulnerability
Microsoft Windows is a popular operating system. A security vulnerability exists in Microsoft Windows that allows authenticated users to run special program elevations of privilege and invoke restricted target SCMs due to a failure of the Service Control Manager to properly calibrate the emulatio...
CVE-2015-1702
The Service Control Manager SCM in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which allows local use...
Microsoft Windows SCM Privilege_Escalation Vulnerability (3055642)
This host is missing an important security update according to Microsoft Bulletin MS15-050. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Windows Service Control Manager CVE-2015-1702 Remote Privilege Escalation Vulnerability
Description Microsoft Windows Service Control Manager is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges within the context of the affected system. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot...
Microsoft Windows NT 4.0 DCOM Server Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/624/info It is possible for a local user to modify how DCOM servers are run, thereby escalating his/her privilege level. The Interactive User has write permissions to the DCOM registry entries. By editing the registry key...
CVE-2013-3862
Double free vulnerability in Microsoft Windows 7 and Server 2008 R2 SP1 allows local users to gain privileges via a crafted service description that is not properly handled by services.exe in the Service Control Manager SCM, aka "Service Control Manager Double Free Vulnerability."...
CVE-2013-3862
Double free vulnerability in Microsoft Windows 7 and Server 2008 R2 SP1 allows local users to gain privileges via a crafted service description that is not properly handled by services.exe in the Service Control Manager SCM, aka "Service Control Manager Double Free Vulnerability."...
Double free
Double free vulnerability in Microsoft Windows 7 and Server 2008 R2 SP1 allows local users to gain privileges via a crafted service description that is not properly handled by services.exe in the Service Control Manager SCM, aka "Service Control Manager Double Free Vulnerability."...