CVE-2020-37231 Privacy Drive 3.17.0 Unquoted Service Path Privilege Escalation

Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service binary that allows local attackers to escalate privileges by exploiting the service startup process. Attackers can place malicious executables in the unquoted path directories to execute arbitrary code...

PT-2026-41431

Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service binary that allows local attackers to escalate privileges by exploiting the service startup process. Attackers can place malicious executables in the unquoted path directories to execute arbitrary code...

Arbitrary File Overwrite

org.springframework.boot, spring-boot is vulnerable to arbitrary file overwrite. The vulnerability is due to insecure handling of the PID file via ApplicationPidFileWriter, which allows a local attacker with write access to the PID file location to exploit symlink behavior and overwrite or corrup...

CVE-2021-47874

VFS for Git 1.0.21014.1 contains an unquoted service path vulnerability in the GVFS.Service Windows service that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with LocalSystem...

EUVD-2024-55373

Tosibox Key Service 3.3.0 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can exploit the service startup process by inserting malicious code in the system root path, enabling unauthorize...

CVE-2024-58315 Tosibox Key Service 3.3.0 Local Privilege Escalation via Unquoted Service Path

Tosibox Key Service 3.3.0 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can exploit the service startup process by inserting malicious code in the system root path, enabling unauthorize...

CVE-2023-47262

The startup process and device configurations of the Abbott ID NOW device, before v7.1, can be interrupted and/or modified via physical access to an internal serial port. Direct physical access is required to exploit...

Design/Logic Flaw

The startup process and device configurations of the Abbott ID NOW device, before v7.1, can be interrupted and/or modified via physical access to an internal serial port. Direct physical access is required to exploit...

CVE-2023-47262

The startup process and device configurations of the Abbott ID NOW device, before v7.1, can be interrupted and/or modified via physical access to an internal serial port. Direct physical access is required to exploit...

nemo-appium 安全漏洞

nemo-appium is an open source plugin for PayPal. It is used to start the appium server during Nemo startup and terminate it at driver time. A security vulnerability exists in versions prior to nemo-appium 0.0.9, which stems from improper cleaning of user input...

CVE-2019-19694

The Trend Micro Security 2019 15.0.0.1163 and below consumer family of products is vulnerable to a denial of service DoS attack in which a malicious actor could manipulate a key file at a certain time during the system startup process to disable the product's malware protection functions or the...

CVE-2012-6135

RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process...

CVE-2012-6135

RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process...

CVE-2018-5349

A vulnerability has been found in Heimdal PRO v2.2.190, but it is most likely also present in Heimdal FREE and Heimdal CORP. Faulty permissions on the directory "C:\ProgramData\Heimdal Security\Heimdal Agent" allow BUILTIN\Users to write new files to the directory. On startup, the process...