832 matches found
EUVD-2026-2769
10-Strike Network Inventory Explorer Pro 9.31 contains an unquoted service path vulnerability in the srvInventoryWebServer service running with LocalSystem privileges. Attackers can exploit the unquoted path by placing malicious executables in potential path segments to achieve privilege escalati...
CVE-2021-47767
CVE-2021-47767 affects 10-Strike Network Inventory Explorer Pro 9.31, specifically the srvInventoryWebServer service which runs with LocalSystem privileges. The root cause is an unquoted service path, allowing an attacker to place a malicious executable in an unresolved path segment to achieve pr...
CVE-2023-31468
An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 Runtime RT7.3 RC3 20221209.5. The "%PROGRAMFILESX86%\INOSOFT GmbH" folder has weak permissions for Everyone, allowing an attacker to insert a Trojan horse file that runs as SYSTEM. 2024-1 is a fixed version...
CVE-2023-31060
Repetier Server through 1.4.10 executes as SYSTEM. This can be leveraged in conjunction with CVE-2023-31059 for full compromise...
SAMSUNG Mobile devices 安全漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, and more, from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Jan-2026 Release 1 prior to Release 1, which stems from improper input validation an...
CVE-2022-27095
BattlEye v0.9 contains an unquoted service path which allows attackers to escalate privileges to the system level...
CVE-2019-12876
Zoho ManageEngine ADManager Plus 6.6.5, ADSelfService Plus 5.7, and DesktopCentral 10.0.380 have Insecure Permissions, leading to Privilege Escalation from low level privileges to System...
CVE-2025-20806
In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10114835; Issue ID: MSV-4479...
CVE-2025-20802
In geniezone, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10238968; Issue ID: MSV-4914...
PT-2026-1380
Name of the Vulnerable Software and Affected Versions KeyInstall affected versions not specified Description An out-of-bounds write issue exists in KeyInstall due to a missing bounds check. Successful exploitation of this issue could allow a malicious actor with System privileges to escalate thei...
CVE-2025-14494
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on...
EUVD-2025-205011
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on...
CVE-2025-14500
IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IceWarp. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling o...
CVE-2025-14406
Soda PDF Desktop Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Soda PDF Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system...
CVE-2025-14405
PDFsam Enhanced Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows phyiscally-present attackers to escalate privileges on affected installations of PDFsam Enhanced. An attacker must first obtain the ability to mount a malicious drive onto the targ...
CVE-2025-13703
VIPRE Advanced Security for PC is affected by CVE-2025-13703 due to incorrect permissions on a folder in the product installer, enabling local privilege escalation to SYSTEM for code execution after bypassing low-privilege startup. Exploitation details are not provided in the available documents....
CVE-2025-14406 Soda PDF Desktop Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
Soda PDF Desktop Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Soda PDF Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system...
CVE-2025-14491
CVE-2025-14491 affects RealDefense SUPERAntiSpyware. The issue resides in the SAS Core Service and is caused by an exposed dangerous function, enabling a local attacker who can run low-privileged code to escalate privileges to SYSTEM and execute arbitrary code. The vulnerability is tied to ZDI ad...
EUVD-2025-204595
OCS Inventory NG 2.3.0.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges to system level. Attackers can place a malicious executable in the unquoted service path and trigger the service restart to execute code with elevated system privileges...
CVE-2023-53947 OCS Inventory NG 2.3.0.0 Unquoted Service Path Privilege Escalation
OCS Inventory NG 2.3.0.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges to system level. Attackers can place a malicious executable in the unquoted service path and trigger the service restart to execute code with elevated system privileges...