CVE-2024-40872

There is an elevation of privilege vulnerability in server and client components of Absolute Secure Access prior to version 13.07. Attackers with local access and valid desktop user credentials can elevate their privilege to system level by passing invalid address data to the vulnerable component...

CVE-2022-26634

HMA VPN v5.3.5913.0 contains an unquoted service path which allows attackers to escalate privileges to the system level...

CVE-2020-8240

A vulnerability in the Pulse Secure Desktop Client 9.1R9 allows a restricted user on an endpoint machine can use system-level privileges if the Embedded Browser is configured with Credential Provider. This vulnerability only affects Windows PDC if the Embedded Browser is configured with the...

SolarWinds DameWare Mini Remote Control < 12.0.3 Buffer Overflow Vulnerability

SolarWinds DameWare Mini Remote Control is prone to a local buffer overflow vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE ...

Command injection

A Command Injection issue was discovered in ContentStore/Base/CVDataPipe.dll in Commvault before v11 SP6. A certain message parsing function inside the Commvault service does not properly validate the input of an incoming string before passing it to CreateProcess. As a result, a specially crafted...

This is How CIA Disables Security Cameras During Hollywood-Style Operations

In last 20 years, we have seen hundreds of caper/heist movies where spies or bank robbers hijack surveillance cameras of secure premises to either stop recording or set up an endless loop for covert operations without leaving any evidence. Whenever I see such scenes in a movie, I wonder and ask...