23 matches found
CVE-2022-24767
GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account...
CVE-2012-4501
Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows remote attackers to make arbitrary API calls by leveraging the system user account, as demonstrated by API calls to delete VMs...
Input validation
Cacheservice did not correctly check if relative cache object were pointing to the defined absolute location when accessing resources. An attacker with access to the database and a local or restricted network would be able to read arbitrary local file system resources that are accessible by the...
CVE-2022-24767
GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account...
Code injection
GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account...
CVE-2022-24767
GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account...
CVE-2022-24767
GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account...
Privilege Escalation
libpam-sshauth is vulnerable to privilege escalation. The pamsmauthenticate function in pamsshauth.c allows a context-dependent attackers to bypass authentication or gain privileges via a system user account...
CVE-2020-11543
OpsRamp Gateway before 7.0.0 has a backdoor account vadmin with the password 9vt@f3Vt that allows root SSH access to the server. This issue has been resolved in OpsRamp Gateway firmware version 7.0.0 where an administrator and a system user accounts are the only available user accounts for the...
Clone2Go Video to iPod Converter 2.5.0 - Denial of Service (PoC)
Clone2Go Video to iPod Converter 2.5.0 - Denial of Service PoC Exploit Title: Clone2Go Video to iPod Converter 2.5.0 - Denial of Service PoC Exploit Author: ZwX Exploit Date: 2018-09-11 Vendor Homepage : http://www.clone2go.com/ Software Link: http://www.clone2go.com/down/video-to-ipod-setup.exe...
Icecream v4.53 & Pro - File Permission Privilege Escalation
Document Title: =============== Icecream v4.53 & Pro - File Permission Privilege Escalation References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2058 Release Date: ============= 2017-04-27 Vulnerability Laboratory ID VL-ID: ==================================...
Intel HD Graphics - Unquoted Service Path Privilege Escalation Vulnerability
intel Corp. designs, manufactures and sells computer components and related products. The company also engages in the designing and manufacturing of computing and communication components, such as microprocessors, chipsets, motherboards, and wireless and wired connectivity products. It develops...
Clean Master 1.0 - Unquoted Service Path Privilege Escalation Vulnerability
Clean Master Cleaner is a powerful application dedicated to the cleaning of certain content Android terminal. It is able to remove all traces of activities performed on the Smartphone to free up space and increase performance. This app is able to best improve the security system of the device. Co...
CVE-2016-4422
The pamsmauthenticate function in pamsshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account...
CVE-2016-4422
The pamsmauthenticate function in pamsshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account...
Authentication flaw
The pamsmauthenticate function in pamsshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account...
CVE-2016-4422
The pamsmauthenticate function in pamsshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account...
CVE-2016-4422
The pamsmauthenticate function in pamsshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account...
CVE-2016-4422
Removed by vendor...
CVE-2012-4501
Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows remote attackers to make arbitrary API calls by leveraging the system user account, as demonstrated by API calls to delete VMs...