Lucene search
K

832 matches found

EUVD
EUVD
added 2026/01/15 3:52 p.m.4 views

EUVD-2026-2769

10-Strike Network Inventory Explorer Pro 9.31 contains an unquoted service path vulnerability in the srvInventoryWebServer service running with LocalSystem privileges. Attackers can exploit the unquoted path by placing malicious executables in potential path segments to achieve privilege escalati...

8.5CVSS7.1AI score0.00213EPSS
Exploits1References4
CVE
CVE
added 2026/01/15 3:52 p.m.16 views

CVE-2021-47767

CVE-2021-47767 affects 10-Strike Network Inventory Explorer Pro 9.31, specifically the srvInventoryWebServer service which runs with LocalSystem privileges. The root cause is an unquoted service path, allowing an attacker to place a malicious executable in an unresolved path segment to achieve pr...

8.5CVSS7.3AI score0.00213EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 12:33 p.m.4 views

CVE-2023-31468

An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 Runtime RT7.3 RC3 20221209.5. The "%PROGRAMFILESX86%\INOSOFT GmbH" folder has weak permissions for Everyone, allowing an attacker to insert a Trojan horse file that runs as SYSTEM. 2024-1 is a fixed version...

7.8CVSS6.9AI score0.00823EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:33 p.m.5 views

CVE-2023-31060

Repetier Server through 1.4.10 executes as SYSTEM. This can be leveraged in conjunction with CVE-2023-31059 for full compromise...

9.8CVSS6.9AI score0.05574EPSS
Exploits3References1
CNNVD
CNNVD
added 2026/01/09 12:0 a.m.5 views

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, and more, from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Jan-2026 Release 1 prior to Release 1, which stems from improper input validation an...

5.5CVSS6.5AI score0.00234EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/07 9:50 a.m.7 views

CVE-2022-27095

BattlEye v0.9 contains an unquoted service path which allows attackers to escalate privileges to the system level...

7.8CVSS7.2AI score0.00416EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:26 a.m.9 views

CVE-2019-12876

Zoho ManageEngine ADManager Plus 6.6.5, ADSelfService Plus 5.7, and DesktopCentral 10.0.380 have Insecure Permissions, leading to Privilege Escalation from low level privileges to System...

8.5CVSS7AI score0.04607EPSS
Exploits1References1
NVD
NVD
added 2026/01/06 2:15 a.m.4 views

CVE-2025-20806

In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10114835; Issue ID: MSV-4479...

6.7CVSS0.00071EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/06 1:46 a.m.24 views

CVE-2025-20802

In geniezone, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10238968; Issue ID: MSV-4914...

0.00071EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/06 12:0 a.m.5 views

PT-2026-1380

Name of the Vulnerable Software and Affected Versions KeyInstall affected versions not specified Description An out-of-bounds write issue exists in KeyInstall due to a missing bounds check. Successful exploitation of this issue could allow a malicious actor with System privileges to escalate thei...

7.8CVSS6.6AI score0.00076EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/24 9:19 p.m.5 views

CVE-2025-14494

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on...

7.8CVSS7.5AI score0.00171EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/24 12:30 a.m.3 views

EUVD-2025-205011

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on...

7.8CVSS7AI score0.00171EPSS
Exploits0References2
NVD
NVD
added 2025/12/23 10:15 p.m.9 views

CVE-2025-14500

IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IceWarp. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling o...

9.8CVSS0.01443EPSS
Exploits0References1
NVD
NVD
added 2025/12/23 10:15 p.m.5 views

CVE-2025-14406

Soda PDF Desktop Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Soda PDF Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system...

7.8CVSS0.00138EPSS
Exploits0References1
NVD
NVD
added 2025/12/23 10:15 p.m.5 views

CVE-2025-14405

PDFsam Enhanced Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows phyiscally-present attackers to escalate privileges on affected installations of PDFsam Enhanced. An attacker must first obtain the ability to mount a malicious drive onto the targ...

6.8CVSS0.00278EPSS
Exploits0References1
CVE
CVE
added 2025/12/23 9:30 p.m.13 views

CVE-2025-13703

VIPRE Advanced Security for PC is affected by CVE-2025-13703 due to incorrect permissions on a folder in the product installer, enabling local privilege escalation to SYSTEM for code execution after bypassing low-privilege startup. Exploitation details are not provided in the available documents....

7.8CVSS7.7AI score0.00116EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/23 9:23 p.m.3 views

CVE-2025-14406 Soda PDF Desktop Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

Soda PDF Desktop Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Soda PDF Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system...

7.8CVSS7.1AI score0.00138EPSS
Exploits0References1
CVE
CVE
added 2025/12/23 9:17 p.m.11 views

CVE-2025-14491

CVE-2025-14491 affects RealDefense SUPERAntiSpyware. The issue resides in the SAS Core Service and is caused by an exposed dangerous function, enabling a local attacker who can run low-privileged code to escalate privileges to SYSTEM and execute arbitrary code. The vulnerability is tied to ZDI ad...

7.8CVSS7.8AI score0.00171EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/12/19 9:5 p.m.6 views

EUVD-2025-204595

OCS Inventory NG 2.3.0.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges to system level. Attackers can place a malicious executable in the unquoted service path and trigger the service restart to execute code with elevated system privileges...

8.5CVSS6.8AI score0.00135EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/19 9:5 p.m.22 views

CVE-2023-53947 OCS Inventory NG 2.3.0.0 Unquoted Service Path Privilege Escalation

OCS Inventory NG 2.3.0.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges to system level. Attackers can place a malicious executable in the unquoted service path and trigger the service restart to execute code with elevated system privileges...

8.5CVSS0.00135EPSS
Exploits0References3
Rows per page
Query Builder