EUVD-2020-12236

Malware in sbrugna...

CVE-2020-1360

An elevation of privilege vulnerability exists when the Windows Profile Service improperly handles file operations, aka 'Windows Profile Service Elevation of Privilege Vulnerability'...

CVE-2023-51750

ScaleFusion 10.5.2 does not properly limit users to the Edge application because file downloads can occur. NOTE: the vendor's position is "Not vulnerable if the default Windows device profile configuration is used which utilizes modern management with website allow-listing rules."...

CVE-2023-51750

ScaleFusion 10.5.2 does not properly limit users to the Edge application because file downloads can occur. NOTE: the vendor's position is "Not vulnerable if the default Windows device profile configuration is used which utilizes modern management with website allow-listing rules."...

CVE-2023-51749

ScaleFusion 10.5.2 does not properly limit users to the Edge application because a search can be made from a tooltip. NOTE: the vendor's position is "Not vulnerable if the default Windows device profile configuration is used which utilizes modern management with website allow-listing rules."...

PT-2024-14284 · Unknown · Scalefusion

Name of the Vulnerable Software and Affected Versions: ScaleFusion version 10.5.2 Description: The issue arises because ScaleFusion does not properly limit users to the Edge application, allowing file downloads to occur. The vendor notes that the default Windows device profile configuration, whic...

PT-2022-1675 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to an uncontrolled resource consumption in the implementation of the user account profile picture in Windows operating systems. This can be exploited to cause a denial ...

Microsoft Windows User Profile Service 后置链接漏洞

Microsoft Windows User Profile Service is a service host from Microsoft Corporation USA that performs user profile loading and unloading operations, such as logging on logging in to Windows . A backlink vulnerability exists in Microsoft Windows User Profile Service. The following products and...

CVE-2020-16940

An elevation of privilege vulnerability exists when the Windows User Profile Service ProfSvc improperly handles junction points. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this vulnerability, an attacker would first...

Microsoft Windows Profile Service Elevation of Privilege Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in Microsoft Windows Profile Service, which...

CVE-2020-1360

An elevation of privilege vulnerability exists when the Windows Profile Service improperly handles file operations, aka 'Windows Profile Service Elevation of Privilege Vulnerability'...

CVE-2020-1360

An elevation of privilege vulnerability exists when the Windows Profile Service improperly handles file operations, aka 'Windows Profile Service Elevation of Privilege Vulnerability'...

Privilege escalation

An elevation of privilege vulnerability exists when the Windows Profile Service improperly handles file operations, aka 'Windows Profile Service Elevation of Privilege Vulnerability'...

CVE-2020-1360

An elevation of privilege vulnerability exists when the Windows Profile Service improperly handles file operations, aka 'Windows Profile Service Elevation of Privilege Vulnerability'...

Windows Profile Service Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Profile Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. To exploit the vulnerability, an attacker would first need code execution on a victim syste...

KB4565529: Windows Server 2008 July 2020 Security Update

The remote Windows host is missing security update 4565529 or cumulative update 4565536. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this...

CVE-2004-2657

Mozilla Firefox 1.5.0.1, and possibly other versions, preserves some records of user activity even after uninstalling, which allows local users who share a Windows profile to view the records after a new installation of Firefox, as reported for the list of Passwords Never Saved web sites. NOTE: T...