Andrew Hess

CVE-2020-9442 NOMISEC HIGH WRITEUP

OpenVPN Connect <3.1.0.361 - Privilege Escalation

OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there.

26 stars

CVSS 7.8

View Code

CVE-2020-13884 NOMISEC HIGH WRITEUP

Citrix Workspace App < 2006.1 - Privilege Escalation via Unquoted Path

Citrix Workspace App before 1912 on Windows has Insecure Permissions and an Unquoted Path vulnerability which allows local users to gain privileges during the uninstallation of the application.

2 stars

CVSS 7.8

View Code

CVE-2019-17124 NOMISEC CRITICAL WRITEUP

Kramer VIAware 2.5.0719.1034 - Incorrect Access Control

Kramer VIAware 2.5.0719.1034 has Incorrect Access Control.

2 stars

CVSS 9.8

View Code

CVE-2020-13885 NOMISEC HIGH WRITEUP

Citrix Workspace App < 2006.1 - Incorrect Default Permissions

Citrix Workspace App before 1912 on Windows has Insecure Permissions which allows local users to gain privileges during the uninstallation of the application.

1 stars

CVSS 7.8

View Code