Vembu StoreGrid version 4.0 suffers from an unquoted service path privilege escalation vulnerability.
b29c6ffdfe8537775002f7b4833de5c4b184dc26403ea8e7b174a09ca583ed19
Lenovo ThinkVantage Communications Utility version 3.0.42.0 suffers from an unquoted service path privilege escalation vulnerability.
a92ca47eccd01ae4654243d47f3b098b100eb14af6a58f14d8f5b8f4bd1c1453
Lenovo RapidBoot HDD Acelerator version 1.00.0802 suffers from an unquoted service path privilege escalation vulnerability.
a6b8772335422e0cf0c64683caae49c0851754a428eab8c2602a43179af64c52
Lenovo Slim USB Keyboard version 1.09 suffers from an unquoted service path privilege escalation vulnerability.
c6b048c852323d0c128f0fdbfdb0da80e9edc7e1b727fe9bde486243b7df0fc8
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed version 15.1.0.0096 suffers from an unquoted service path privilege escalation vulnerability.
93ad3f4dfc8c19cb80a7afbf2302a43144c1ed62bb27d90dc3729f9a9288339d
PDF Complete version 4.1.12 Corporate Edition suffers from an unquoted service path privilege escalation vulnerability.
b3d2f0693993935cc24db2c2d5962c361d122e7d2e5d0a0ed358ffbda33a896c
Realtek High Definition Audio Driver version 6.0.1.6730 suffers from an unquoted service path privilege escalation vulnerability.
700780fbf4d89fefb8dc9df49a3208a4020621faa844b64615930208233b7637
Oracle Netbeans IDE version 8.1 suffers from a directory traversal vulnerability.
fcd77a7ca37698cc313eccfc4beebbe095c88b70b0ee7e76a01fd60ad3e4e156
Nagios XI version 5.2.9 suffers from cross site scripting, open redirection, and remote content inclusion vulnerabilities.
f6819c69817977ec11f7b497a637eb0c5fa7a9bbd2b15e69eab20752da8e88c5
Windows Kernel Registry Hive loading suffers from a relative arbitrary read in nt!RtlValidRelativeSecurityDescriptor.
80a4978abef184559535ad2ead860cee8b31861865e4e2ed0144052443414e35
Microsoft Edge suffers from an Array.join information leakage vulnerability.
cbd30cba6abc1c9dba36a51837e5b9954d81a66820a2d01925e8e999e475cecc
Windows Kernel Registry Hive loading suffers from a negative RtlMoveMemory size in nt!CmpCheckValueList.
4226c20f898ddea50aed5ae1e6f543f6545b96a29a2cc2e02158ca52f0cc1996
Windows Kernel win32k.sys suffers from a TTF font procession out-of-bounds read in the RCVT TrueType instruction handler.
978709bb25b5987753527c9bcb9b4c0f005e398c09344b315c720b811d9446fa
Sublime Text Editor version 3 suffers from a dll hijacking vulnerability.
35eb40b9dc35ec2a09f2dfd91ac16b3064f107582670741e3e92f43d9203a033
NO-IP DUC version 4.1.1 suffers from a dll hijacking vulnerability.
cff422994d0c40b2f0c51b2cbde558d2e9c60e76675ddff1d5d4f35d5bb31604
SPIP versions 3.1.2 and below suffer from a server-side request forgery vulnerability.
dc168e14bb0b3787609859406eb46abb5130f843e9d1a807bf27946a599a5c1e
SPIP versions 3.1.2 and below suffer from a PHP code execution vulnerability.
8fc707c64156c47e3eeb576edeae6ae8b7c1ca5620aec6068862b998fb7cc40c
WineBottler versions 1.8-rc4 and below suffer from a man-in-the-middle vulnerability that can allow for remote code execution.
90bc884e71bd185168a3b8a5083b0eef421b07484c35ca0e1c107dd9c4919ae8
ManageEngine ServiceDesk Plus version 9.2 build 9207 suffers from an unauthorized information disclosure vulnerability.
ca5032b6240d7fcfedfe155b4a2a37add04b02783d944b43d7889190c570b156
SPIP versions 3.1.2 and below suffer from file enumeration and path traversal vulnerabilities.
d2ab8b128415b09ef61ba0c89730401c75aa3f4ce322dd43fb4058ccc0950ac5
SPIP versions 3.1.2 and below suffer from a cross site scripting vulnerability.
82f26ce8d2e06a0310943f86601d4af8ea95702997bd1830df30452763eead8f
SPIP versions 3.1.2 and below suffer from a cross site request forgery vulnerability.
ac70a9fadf7bb6167051a6bc6282e4fffb3814c2ba5b4c38bd4c9d0a3de2e8c3
The isolated private namespace created by ierutils has a insecure DACL which allows any appcontainer process to gain elevated permissions on the namespace directory which could lead to elevation of privilege.
91dd2dafe62503e1402e801a11454398d381c47becea95deca59b0c271104cab
The isolated private namespace created by ierutils has an insecure boundary descriptor which allows any non-appcontainer sandbox process (such as chrome) or other users on the same system to gain elevated permissions on the namespace directory which could lead to elevation of privilege.
68f3b1ea316257c0328816712b240f725ef353f02ec723df39644a2236351e6b
NtLoadKeyEx takes a flag to open a registry hive read only, if one of the hive files cannot be opened for read access it will revert to write mode and also impersonate the calling process. This can leading to elevation of privilege if a user controlled hive is opened in a system service.
1a8fcebf49504f53a251ec53b447f0516cf99661d4e5a20f9ace8c025cf0207b