101 matches found
CVE-2026-4193 D-Link DIR-823G goahead UpdateClientInfo access control
A security vulnerability has been detected in D-Link DIR-823G 1.0.2B05. The affected element is the function...
EUVD-2021-25073
Malware in sbrugna...
EUVD-2008-2740
Malware in sbrugna...
EUVD-2019-9882
Malware in sbrugna...
EUVD-2008-0535
Malware in sbrugna...
EUVD-2019-19108
Malware in sbrugna...
EUVD-2020-11910
Malware in sbrugna...
EUVD-2019-9894
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-25860
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The install.c module in the Pengutronix RAUC update client prior to version 1.5 has a Time-of-Check Time- of-Use vulnerability, where signature verification on ...
SUSE CVE-2025-6264
Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can be used to do anything and usually run with elevated permissions. To limit access to some dangerous artifact, Velociraptor allows for those to require high permissions like EXECVE to launch...
Incorrect Default Permissions
Overview Affected versions of this package are vulnerable to Incorrect Default Permissions via the Admin.Client.UpdateClientConfig artifact. An attacker can gain elevated privileges and execute arbitrary commands by exploiting insufficient permission checks when collecting artifacts from endpoint...
Incorrect Default Permissions
Overview Affected versions of this package are vulnerable to Incorrect Default Permissions via the Admin.Client.UpdateClientConfig artifact. An attacker can gain elevated privileges and execute arbitrary commands by exploiting insufficient permission checks when collecting artifacts from endpoint...
CVE-2025-6264
Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can be used to do anything and usually run with elevated permissions. To limit access to some dangerous artifact, Velociraptor allows for those to require high permissions like EXECVE to launch...
CVE-2024-40457
No-IP Dynamic Update Client DUC v3.x uses cleartext credentials that may occur on a command line or in a file. NOTE: the vendor's position is that cleartext in /etc/default/noip-duc is recommended and is the intentional behavior...
CVE-2020-25860
The install.c module in the Pengutronix RAUC update client prior to version 1.5 has a Time-of-Check Time-of-Use vulnerability, where signature verification on an update file takes place before the file is reopened for installation. An attacker who can modify the update file just before it is...
CVE-2020-1014
An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges, aka 'Microsoft Windows Update Client Elevation of Privilege Vulnerability'...
CVE-2019-9745
CloudCTI HIP Integrator Recognition Configuration Tool allows privilege escalation via its EXQUISE integration. This tool communicates with a service Recognition Update Client Service via an insecure communication channel Named Pipe. The data JSON sent via this channel is used to import data from...
CVE-2019-1336
An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges, aka 'Microsoft Windows Update Client Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1323...
CVE-2019-1337
An information disclosure vulnerability exists when Windows Update Client fails to properly handle objects in memory, aka 'Windows Update Client Information Disclosure Vulnerability'...
CVE-2019-1323
An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges, aka 'Microsoft Windows Update Client Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1336...