CVE-2025-9869 Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability

Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target system in ord...

CVE-2025-9869

CVE-2025-9869 concerns a local privilege escalation in Razer Synapse 3 Macro Module . The flaw exists in the Razer Synapse Service where an attacker can abuse a created symbolic link to delete arbitrary files. This may allow an attacker to escalate privileges and execute arbitrary code in the con...

CVE-2025-61865

Multiple NAS management applications provided by I-O DATA DEVICE, INC. register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

CVE-2025-61865

Multiple NAS management applications provided by I-O DATA DEVICE, INC. register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

EUVD-2025-35653

NarSuS App registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

CVE-2025-61865

CVE-2025-61865 affects I-O DATA NarSuS App and related NAS management applications that register Windows services with unquoted file paths. The underlying issue allows a user with write access to the system drive root to execute arbitrary code with SYSTEM privileges (local impact). Publicly avail...

CVE-2025-61865

Multiple NAS management applications provided by I-O DATA DEVICE, INC. register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

CVE-2025-61871

NAS Navigator2 Windows version by BUFFALO INC. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

PT-2025-41503

Name of the Vulnerable Software and Affected Versions NAS Navigator2 Windows version affected versions not specified Description NAS Navigator2 Windows version by BUFFALO INC. registers a Windows service with an unquoted file path. A user possessing write permissions to the system drive's root...

EUVD-2022-50930

Malicious code in bioql PyPI...

EUVD-2022-39285

Malicious code in bioql PyPI...

EUVD-2025-20501

Malicious code in bioql PyPI...

Razer Synapse 3 RazerPhilipsHueUninstall Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Philips HUE modu...

Unquoted Search Path or Element

Overview Affected versions of this package are vulnerable to Unquoted Search Path or Element via the SunshineService process. An attacker can execute arbitrary code with SYSTEM privileges by placing a malicious executable in a directory path containing spaces, which is interpreted incorrectly by...

Gen Digital CCleaner Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Gen Digital CCleaner. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Some interaction on the part of an administrato...

CVE-2025-59307

RAID Manager provided by Century Corporation registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

CVE-2025-59307

RAID Manager provided by Century Corporation registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

CVE-2025-58400

RATOC RAID Monitoring Manager for Windows provided by RATOC Systems, Inc. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

CVE-2025-58400

RATOC RAID Monitoring Manager for Windows provided by RATOC Systems, Inc. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

CVE-2025-58400

CVE-2025-58400 affects RATOC RAID Monitoring Manager for Windows by RATOC Systems, Inc. The root cause is an unquoted Windows service path, enabling a user with write access to the system drive root directory to run arbitrary code with SYSTEM privileges. Affected products include RATOC RAID Monit...