832 matches found
Code injection
Sony PlayMemories Home v6.0 contains an unquoted service path which allows attackers to escalate privileges to the system level...
Code injection
MiniTool Partition Wizard v12.0 contains an unquoted service path which allows attackers to escalate privileges to the system level...
CVE-2022-27094
Sony PlayMemories Home v6.0 contains an unquoted service path which allows attackers to escalate privileges to the system level...
iPhones Vulnerable to Attack Even When Turned Off
Attackers can target iPhones even when they are turned off due to how Apple implements standalone wireless features Bluetooth, Near Field Communication NFC and Ultra-wideband UWB technologies in the device, researchers have found. These features—which have access to the iPhone’s Secure Element SE...
CVE-2022-22782
The Zoom Client for Meetings for Windows prior to version 5.9.7, Zoom Rooms for Conference Room for Windows prior to version 5.10.0, Zoom Plugins for Microsoft Outlook for Windows prior to version 5.10.3, and Zoom VDI Windows Meeting Clients prior to version 5.9.6; was susceptible to a local...
FANUC ROBOGUIDE elevation of privilege vulnerability
FANUC ROBOGUIDE is a robot simulation software from FANUC, Japan. FANUC ROBOGUIDE v9.40083.00.05 and previous versions have an elevation of privilege vulnerability. The vulnerability stems from the fact that the affected product is vulnerable to misconfigured binaries, and an attacker with...
Privilege escalation
The affected product is vulnerable to misconfigured binaries, allowing users on the target PC with SYSTEM level privileges access to overwrite the binary and modify files to gain privilege escalation...
CVE-2021-38483 ICSA-22-109-03 FANUC ROBOGUIDE Simulation Platform
The affected product is vulnerable to misconfigured binaries, allowing users on the target PC with SYSTEM level privileges access to overwrite the binary and modify files to gain privilege escalation...
CVE-2022-25165
An issue was discovered in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition exists during the validation of VPN configuration files. This allows parameters outside of the AWS VPN Client allow list to be injected into the configuration file prior to the AWS VPN Client service running as SYSTEM...
CVE-2022-20067
In mdp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05836585; Issue ID: ALPS05836585...
BitComet Service for Windows Elevation of Privilege Vulnerability
BitComet is a BitTorrent client software written in C for the Microsoft Windows platform, which can also be used for HTTP/FTP downloads.An elevation of privilege vulnerability exists in BitComet Service for Windows, which can be exploited by attackers to elevate privileges to the system level...
BitComet 代码问题漏洞
BitComet is a BitTorrent client software written in C for the Microsoft Windows platform, which can also be used for HTTP/FTP downloads.An elevation of privilege vulnerability exists in BitComet Service for Windows, which can be exploited by attackers to elevate privileges to the system level...
CVE-2022-25623
The Symantec Management Agent is susceptible to a privilege escalation vulnerability. A low privilege local account can be elevated to the SYSTEM level through registry manipulations...
CVE-2022-25031
Remote Desktop Commander Suite Agent before v4.8 contains an unquoted service path which allows attackers to escalate privileges to the system level...
Remote Desktop Commander Suite Agent 代码问题漏洞
Remote Desktop Commander Suite Agent is a terminal server and Citrix session management software. Provides comprehensive management and visibility into server-based computing environments. Whether you are running Microsoft RDS, Windows Virtual Desktops/Azure Virtual Desktops, Citrix...
CVE-2021-4199
Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issu...
Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability
Microsoft Windows BITS is vulnerable to to a privilege elevation vulnerability if it improperly handles symbolic links. An actor can exploit this vulnerability to execute arbitrary code with system-level privileges...
Advantech 安全漏洞
Advantech DeviceOn/iEdge Server is industrial device intelligence software that enables non-intelligent devices to have IoT connectivity management capabilities.Advantech DeviceOn/iEdge Server elevation of privilege vulnerability can be exploited by attackers to gain elevated privileges to NT...
PT-2022-6124 · Microsoft · Windows Backup Service +1
Name of the Vulnerable Software and Affected Versions: Windows Backup Service versions prior to the fixed version Description: The issue is related to errors in privilege management within the Windows Backup Service, allowing an attacker to elevate their privileges to the level of SYSTEM. This ca...
CVE-2021-21910
A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 30.07.2021. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger...