CVE-2020-27696

Trend Micro Security 2020 Consumer contains a vulnerability in the installer package that could be exploited by placing a specific Windows system directory which can lead to obtaining administrative privileges during the installation of the product...

CVE-2020-27131

Multiple vulnerabilities in the Java deserialization function that is used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. These vulnerabilities are due to insecure deserialization of user-supplied content by the...

Citrix App Layering: Compress Layer Utility

Introduction When layers are created in Unidesk 2.x files are written into the vmdk at the block level. The vmdk being written to is a “Thin” disk but deleted blocks are not freed up before saving the layer. This means that the layer sizer is greater then the actual size of the files required to...

PT-2020-4254 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in handling objects in memory within the NetBIOS protocol implementation in Windows. This could allow an attacker to gain unauthorized access to protected...

Top anti-virus, anti-malware products contain security flaws

By Deeba Ahmed According to cybersecurity firm CyberArk, at least one anti-malware software is vulnerable to exploitation in every Windows system. This is a post from HackRead.com Read the original post: Top anti-virus, anti-malware products contain security flaws...

CVE-2020-13347

A command injection vulnerability was discovered in Gitlab runner versions prior to 13.2.4, 13.3.2 and 13.4.1. When the runner is configured on a Windows system with a docker executor, which allows the attacker to run arbitrary commands on Windows host, via DOCKERAUTHCONFIG build variable...

Security Bulletin: Improper DLL loading vulnerability affecting Aspera Connect 3.9.9 and earlier

Summary IBM Aspera Connect could allow a local attacker to execute arbitrary code on the Windows system, caused by improper loading of Dynamic Link Libraries by the import feature. By persuading a victim to open a specially-crafted .DLL file, an attacker could exploit this vulnerability to execut...

Adobe Acrobat and Reader Memory Corruption Vulnerability (CNVD-2020-52166)

Adobe Acrobat and Reader are the United States Odo than Adobe company's products. Adobe Acrobat is a set of PDF file editing and conversion tools. Reader is a set of PDF document reading software. Windows and macOS platform based on Adobe Acrobat and Reader security vulnerabilities exist. Attacke...

Python Software Foundation Python Installed (Windows)

Binary data pythonwininstalled.nbin...

Microsoft Windows System Events Broker Elevation of Privilege Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in Microsoft Windows System Events Broker,...

Privilege escalation

An elevation of privilege vulnerability exists when the Windows System Events Broker improperly handles file operations, aka 'Windows System Events Broker Elevation of Privilege Vulnerability'...

Windows System Events Broker Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows System Events Broker improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. To exploit the vulnerability, an attacker would first need code execution on a victim...

CVE-2020-7814

RAONWIZ v2018.0.2.50 and eariler versions contains a vulnerability that could allow remote files to be downloaded and excuted by lack of validation to file extension, witch can used as remote-code-excution attacks by hackers File download & execution vulnerability in COMPONENT of RAONWIZ RAON...

Pulse Secure Desktop Client TOCTOU Privilege Escalation Vulnerability (SA44503)

The Pulse Secure Desktop Client installed on the remote Windows system is affected by a TOCTOU time-of-check to time-of-use privilege escalation vulnerability. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid137857; scriptversion"1.4";...

The vulnerability of the CDPSvc service of the Windows operating system, which allows a hacker to escalate their privileges

The vulnerability of the CDPSvc service for Windows operating systems is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to enhance their privileges through a specially created application...

Using Real-Time Events in Investigations

To understand what a threat actor did on a Windows system, analysts often turn to the tried and true sources of historical endpoint artifacts such as the Master File Table MFT, registry hives, and Application Compatibility Cache AppCompat. However, these evidence sources were not designed with...

Microsoft Windows Media Foundation Information Disclosure Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Media Foundation is one of the multimedia application libraries. An information disclosure...

CVE-2020-1011

An elevation of privilege vulnerability exists when the Windows System Assessment Tool improperly handles file operations, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0934, CVE-2020-0983, CVE-2020-1009, CVE-2020-1015...

Microsoft Windows Graphics Device Interface Remote Code Execution Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Windows Graphics Device Interface GDI is one of the graphic device interfaces. A remote co...

CVE-2017-12580

An issue was discovered in IDM UltraEdit through 24.10.0.32. To exploit the vulnerability, on unpatched Windows systems, an attacker could include in the same directory as the affected executable a DLL using the name of a Windows DLL. This DLL must be preloaded by the executable for example,...