CVE-2025-7024 Local privilege escalation in Windows Server OS through installed Tetra Connectivity Server (TCS)

Incorrect Default Permissions vulnerability in AIRBUS PSS TETRA Connectivity Server on Windows Server OS allows Privilege Abuse. An attacker may execute arbitrary code with SYSTEM privileges if a user is tricked or directed to place a crafted file into the vulnerable directory. This issue affects...

CVE-2025-7024 Local privilege escalation in Windows Server OS through installed Tetra Connectivity Server (TCS)

Incorrect Default Permissions vulnerability in AIRBUS PSS TETRA Connectivity Server on Windows Server OS allows Privilege Abuse. An attacker may execute arbitrary code with SYSTEM privileges if a user is tricked or directed to place a crafted file into the vulnerable directory. This issue affects...

Notepad++ < 8.8.2 Privilege Escalation (CVE-2025-49144)

The version of Notepad++ installed on the remote host is prior to 8.8.2. It is, therefore, affected by a privilege escalation vulnerability: - Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1...

PT-2023-31553 · Mullvad · Mullvad Vpn Windows App

Name of the Vulnerable Software and Affected Versions: Mullvad VPN Windows app versions prior to 2023.6-beta1 Description: An issue was discovered in the Mullvad VPN Windows app, where insufficient permissions on a directory allow any local unprivileged user to escalate privileges to SYSTEM...

CVE-2023-34442

A flaw was found in the camel-jira package. The package was creating a file directly instead of using Files.createTempFile in FileConverter, which could lead to the unexpected creation of a file in a vulnerable directory, giving access to unauthorized actors...

Trojan.Win32.Cospet.abg Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/5f5b308853b9aa9243390c135ff6ba1b.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Cospet.abg Vulnerability: Insecure Permissions EoP Description: Cospet.abg, creates an...

CVE-2019-13241

FlightCrew v0.9.2 and older are vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ dot dot slash in a ZIP archive entry that is mishandled during extraction...

Tunnelblick - Local Root Exploit (2)

No description provided by source. !/bin/sh Pwnnel Blicker for kids zx2c4 This is another exploit for Tunnel Blick. Other exploits for Tunnel Blick are available here: http://git.zx2c4.com/Pwnnel-Blicker/tree/ echo + Making vulnerable directory. mkdir -pv /tmp/pwn/openvpn/openvpn-0 echo + Prepari...

MS IIS 3.0/4.0/5.0 PWS Escaped Characters Decoding Command Execution (4)

No description provided by source. source: http://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, it automatically performs two actions before...

Tunnelblick - Local Root Exploit

No description provided by source. / ==== Pwnnel Blicker ==== = = = zx2c4 = = = ======================== Tunnel Blick, a widely used OpenVPN manager for OSX comes with a nice SUID executable that has more holes than you care to count. It's a treasure chest of local roots. I picked one that looked...

Cart Engine 3.0.0 Database Backup Disclosure Exploit

Summary Open your own online shop today with Cart Engine! The small, yet powerful and don't forget, FREE shopping cart based on PHP & MySQL. Unique features of Cart Engine include: CMS engine based on our qEngine, product options, custom fields, digital products, search engine friendly URL, user...

Webhints 1.03 - Remote Command Execution (C) (2)

/ T r a p - S e t U n d e r g r o u n d H a c k i n g T e a m EXPLOIT FOR : WebHints Remote C0mmand Execution Vuln Coded By: A l p h a P r o g r a m m e r Sirus-v E-Mail: [email protected] This Xpl Upload a Page in Vulnerable Directory , You can Change This Code For Yourself GR33tz T0 ==...

Webhints <= 1.03 Remote Command Execution Exploit (c code) (2)

Exploit for cgi platform in category web applications ============================================================== Webhints mhp0rtal -- oilKarchack -- The-CephaleX -- Str0ke And Iranian Security & Technical Sites: TechnoTux.Com , IranTux.Com , Iranlinux.ORG , Barnamenevis.ORG Crouz , Simorgh-ev...

Webhints 1.03 - Remote Command Execution (C) (2)

Webhints 1.03 - Remote Command Execution C 2 / T r a p - S e t U n d e r g r o u n d H a c k i n g T e a m EXPLOIT FOR : WebHints Remote C0mmand Execution Vuln Coded By: A l p h a P r o g r a m m e r Sirus-v E-Mail: [email protected] This Xpl Upload a Page in Vulnerable Directory , You ca...