CVE-2022-43455

Sewio RTLS Studio versions 2.0.0–2.6.2 are affected by improper input validation in the service_start, service_stop, and service_restart modules, enabling an attacker to start, stop, or restart arbitrary services on the server. Affected products: RTLS Studio; root cause: input validation flaw in ...

Privilege Escalation

thunderbird is vulnerable to privilege escalation.The maintenance service grants SERVICESTART access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service...

Security Vulnerabilities fixed in Thunderbird 78.10.1 — Mozilla

The Maintenance Service granted SERVICESTART access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. This could be used to prevent the browser update service from operating if an attacker spammed the 'Stop' command; but also exposed atta...

CVE-2020-15435

This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxdashboard.php. When parsing the servicestart parameter, the proce...

GOG GalaxyClientService Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/post/windows/services' require 'openssl' class MetasploitModule 'GOG GalaxyClientService Privilege Escalation', 'Description' = %q This module will sen...

Windows Escalate Service Permissions Local Privilege Escalation

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'msf/core/post/windows/services' require 'rex'...