EUVD-2022-35332

Malicious code in bioql PyPI...

CVE-2010-5185

The Antivirus component in Comodo Internet Security before 5.3.174622.1216 does not check whether X.509 certificates in signed executable files have been revoked, which has unknown impact and remote attack vectors...

Ivanti Endpoint Manager Elevation of Privilege Vulnerability

Ivanti Endpoint Manager EPM is a suite of endpoint security managers from Ivanti, USA. An elevation of privilege vulnerability exists in Ivanti Endpoint Manager, which stems from the "LANDeskR Management Agent" service exposing a socket that, once connected, can be used to launch commands only fo...

CVE-2022-30121

The “LANDeskR Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed executables. This is a security bug that allows a limited user to get escalated admin privileges on their system...

CVE-2022-30121

The “LANDeskR Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed executables. This is a security bug that allows a limited user to get escalated admin privileges on their system...

CVE-2015-6971

Summary of CVE-2015-6971 : Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0013 allows a local attacker to submit commands to the SUService.exe and escalate privileges by launching signed Lenovo executables. The root cause is flaws in the security token authentication proce...

MS16-140: Security Update for Boot Manager (3193479)

The remote Windows host is missing a security update. It is, therefore, affected a security bypass vulnerability in Windows Secure Boot due to the use of an insecure boot policy in firmware. A local attacker can exploit this issue to disable code integrity checks, allowing test-signed executables...

Microsoft Windows Security Bypass Vulnerability (CNVD-2016-04962)

Microsoft Windows is a series of operating systems released by the American company Microsoft. A security bypass vulnerability exists in Microsoft Windows. A local attacker could exploit the vulnerability to disable code integrity checking, allowing signed test executables and drivers to be loade...

Microsoft Windows Secure Boot Security Feature Bypass Vulnerability (3177404)

This host is missing an important security update according to Microsoft Bulletin MS16-094 SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Manipulating Microsoft WSUS to Own Enterprises

LAS VEGAS – Windows Server Update Services WSUS is your friend, if you run an enterprise IT shop, because it facilitates the download and distribution of security patches, service pack installations and hardware driver updates among others. Two researchers this week at the Black Hat conference,...