AnyDesk 2.5.0 Privilege Escalation
AnyDesk version 2.5.0 unquoted service path suffers from a privilege escalation vulnerability.
AnyDesk version 2.5.0 unquoted service path suffers from a privilege escalation vulnerability.
RegLoadAppKey is documented to load keys in a location which can’t be enumerated and also non-guessable. However it’s possible to enumerate loaded hives and find ones which can be written to which might lead to elevation of privilege.
TeemIp version 2.0.2 suffers from a cross site scripting vulnerability.
3GP Player version 4.7.0 suffers from a dll hijacking vulnerability.
The NtLoadKeyEx system call allows an unprivileged user to load registry hives outside of the RegistryA hidden attachment point which can be used to elevate privileges.
There is a crash when the AVC decoder in Adobe Flash attempts to free memory, likely indicating memory corruption.
Kerberos in Microsoft Windows suffers from a security feature bypass vulnerability.
Wise Care 365 version 4.27 and Wise Disk Cleaner version 9.29 suffer from an unquoted service path privilege escalation vulnerability.
RealEstate CMS version 3.00.50 suffers from a cross site scripting vulnerability.
Zortam MP3 Studio version 21.15 suffers from an insecure file permission privilege escalation vulnerability.