44 matches found
PT-2026-40624
IObit Uninstaller 9.5.0.15 contains an unquoted service path vulnerability in the IObitUnSvr service that allows local attackers to escalate privileges to SYSTEM level. Attackers can place a malicious executable named IObit.exe in the C:Program Files x86IObit directory and restart the service to...
CVE-2020-36977 Wondershare Driver Install Service help 10.7.1.321 - 'ElevationService' Unquote Service Path
Wondershare Driver Install Service contains an unquoted service path vulnerability in the ElevationService executable that allows local attackers to potentially inject malicious code. Attackers can exploit the unquoted path to replace the service binary with a malicious executable, enabling...
CVE-2025-52694
Successful exploitation of the SQL injection vulnerability could allow an unauthenticated remote attacker to execute arbitrary SQL commands on the vulnerable service when it is exposed to the Internet, potentially affecting data confidentiality, integrity, and availability. Users and administrato...
EUVD-2016-2263
Malware in sbrugna...
EUVD-2025-20139
Malicious code in bioql PyPI...
CVE-2025-5333
Remote attackers can execute arbitrary code in the context of the vulnerable service process...
Microsoft PC Manager Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft PC Manager. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-5333
Remote attackers can execute arbitrary code in the context of the vulnerable service process...
CVE-2025-27811
A local privilege escalation in the razerelevationservice.exe in Razer Synapse 4 through 4.0.86.2502180127 allows a local attacker to escalate their privileges via a vulnerable COM interface in the target service...
CVE-2025-27811
A local privilege escalation in the razerelevationservice.exe in Razer Synapse 4 through 4.0.86.2502180127 allows a local attacker to escalate their privileges via a vulnerable COM interface in the target service...
Design/Logic Flaw
Vulnerability of incorrect service logic in the WindowManagerServices module.Successful exploitation of this vulnerability may cause features to perform abnormally...
Exploit for Out-of-bounds Write in Fortinet Fortios
cve-2022-42475 POC code to exploit the Heap overflow in Fortin...
PT-2023-14623 · Archibus · Archibus Web Central
Name of the Vulnerable Software and Affected Versions: Archibus Web Central version 2022.03.01.107 Description: The issue is related to a service exposed by the application that accepts a user-controlled parameter used to create an SQL query, making it prone to SQL injection. No information is...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
log4py pythonic pure python RCE exploit for CVE-2021-44228 log...
Common Cloud Misconfigurations Exploited in Minutes, Report
Poorly configured cloud services can be exploit by threat actors in minutes and sometimes in under 30 seconds. Attacks include network intrusion, data theft and ransomware infections, researchers have found. Researchers at Palo Alto Networks’ Unit 42 used a honeypot infrastructure of 320 nodes...
GHSA-6WHF-Q6P5-84WG Improper Access Control in Webauthn Framework
Webauthn Framework 3.3.x before 3.3.4 has Incorrect Access Control. An attacker that controls a user's system is able to login to a vulnerable service using an attached FIDO2 authenticator without passing a check of the user presence...
Improper Access Control in Webauthn Framework
Webauthn Framework 3.3.x before 3.3.4 has Incorrect Access Control. An attacker that controls a user's system is able to login to a vulnerable service using an attached FIDO2 authenticator without passing a check of the user presence...
Millewin 13.39.028 Unquoted Service Path / Insecure Permissions
Exploit Title: Millewin - Local Privilege Escalation Date: 2021-02-07 Author: Andrea Intilangelo Vendor Homepage: https://www.millewin.it Software Homepage: https://www.millewin.it/index.php/prodotti/millewin Software Link:...
Fluentd TD-agent plugin 4.0.1 - Insecure Folder Permission
Exploit Title: Fluentd TD-agent plugin 4.0.1 - Insecure Folder Permission Date: 21.12.2020 Exploit Author: Adrian Bondocea Vendor Homepage: https://www.fluentd.org/ Software Link: https://td-agent-package-browser.herokuapp.com/4/windows Version: icacls C:\opt\td-agent\bin C:\opt\td-agent\bin...
Sonar Qube 8.3.1 - (SonarQube Service) Unquoted Service Path Vulnerability
Title: Sonar Qube 8.3.1 - 'SonarQube Service' Unquoted Service Path Author: Velayutham Selvaraj Vendor Homepage: https://www.sonarqube.org Software Link: https://www.sonarqube.org/downloads/ Version : 8.3.1 Tested on: Windows 10 64bitEN About Unquoted Service Path : ==============================...