hessandrew

8 exploits Active since Oct 2019
CVE-2020-9442 NOMISEC HIGH WRITEUP
OpenVPN Connect <3.1.0.361 - Privilege Escalation
OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there.
26 stars
CVSS 7.8
CVE-2020-13884 NOMISEC HIGH WRITEUP
Citrix Workspace App < 2006.1 - Privilege Escalation via Unquoted Path
Citrix Workspace App before 1912 on Windows has Insecure Permissions and an Unquoted Path vulnerability which allows local users to gain privileges during the uninstallation of the application.
2 stars
CVSS 7.8
CVE-2019-17124 NOMISEC CRITICAL WRITEUP
Kramer VIAware 2.5.0719.1034 - Incorrect Access Control
Kramer VIAware 2.5.0719.1034 has Incorrect Access Control.
2 stars
CVSS 9.8
CVE-2020-3766 NOMISEC HIGH STUB
Adobe Genuine Integrity Service <6.4 - Privilege Escalation
Adobe Genuine Integrity Service versions Version 6.4 and earlier have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation.
1 stars
CVSS 7.8
CVE-2020-13885 NOMISEC HIGH WRITEUP
Citrix Workspace App < 2006.1 - Incorrect Default Permissions
Citrix Workspace App before 1912 on Windows has Insecure Permissions which allows local users to gain privileges during the uninstallation of the application.
1 stars
CVSS 7.8
CVE-2019-19231 NOMISEC HIGH STUB
CA Client Automation <14.3 - Privilege Escalation
An insecure file access vulnerability exists in CA Client Automation 14.0, 14.1, 14.2, and 14.3 Agent for Windows that can allow a local attacker to gain escalated privileges.
1 stars
CVSS 7.3
CVE-2020-0557 NOMISEC HIGH WRITEUP
Intel PROSet/Wireless WiFi < 21.70.0.6 - Authenticated Privilege Escalation via Insecure Inherited Permissions
Insecure inherited permissions in Intel(R) PROSet/Wireless WiFi products before version 21.70 on Windows 10 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS 7.8
CVE-2020-0568 NOMISEC MEDIUM WRITEUP
Intel Driver & Support Assistant < 20.1.5 - Authenticated Denial of Service via Race Condition
Race condition in the Intel(R) Driver and Support Assistant before version 20.1.5 may allow an authenticated user to potentially enable denial of service via local access.
CVSS 4.7