Sync Breeze Enterprise is prone to a buffer-overflow vulnerability when handling a crafted GET request, this can trigger an overflow in a finite-sized internal memory buffer, and install an agent with SYSTEM privileges.
HP Intelligent Management Center is prone to a remote vulnerability that allows attackers to execute commands under the context of system.
The vulnerability exists within the WdMacCtl ActiveX control This module runs a web server waiting for vulnerable clients (Internet Explorer 8) to connect to it.
Use After Free in Microsoft Office allows remote attackers to execute arbitrary code via crafted EPS file in an Office document, leading to improper memory allocation.
This module exploits a vulnerability on target via a SMB crafted packet.
DiskBoss server is prone to a buffer-overflow vulnerability when handling a crafted GET request, this can trigger an overflow in a finite-sized internal memory buffer, and install an agent with SYSTEM privileges.
An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java object to the Jenkins CLI, making Jenkins connect to an attacker-controlled LDAP server, which in turn can send a serialized payload leading to code execution, bypassing existing protection mechanisms. This can be exploited by malicious local attackers to gain SYSTEM privileges on Windows targets.
A buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header in a PROPFIND request.
HPE Intelligent Management Center is prone to a remote vulnerability that allows attackers to take advantage of an insecure deployment of the RMI Registry service used to manage and monitor the Java Virtual Machine.
The CG6Service Service has the SetPeLauncherState method which allows a user to launch a debugger automatically for a determined process. This can be abused by an attacker to gain SYSTEM privileges by attaching to a SYSTEM process.