CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-5012
https://notcve.org/view.php?id=CVE-2019-5012
24 Oct 2019 — An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the startProcess command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vulnerability to raise their privileges to root. An attacker would need local access to the machine for a successful exploit. Se presenta una vulnerabilidad de escalada de privilegios explotable en la versión del controlador 6.3.32-3 de Waco... • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0760 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-5013
https://notcve.org/view.php?id=CVE-2019-5013
24 Oct 2019 — An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the start/stopLaunchDProcess command. The command takes a user-supplied string argument and executes launchctl under root context. A user with local access can use this vulnerability to raise load arbitrary launchD agents. An attacker would need local access to the machine for a successful exploit. Se presenta una vulnerabilidad de escalada de privilegios explotable en la versión del cont... • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0761 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2013-0110
https://notcve.org/view.php?id=CVE-2013-0110
08 Apr 2013 — nvSCPAPISvr.exe in the NVIDIA Stereoscopic 3D Driver service, as distributed with the NVIDIA driver before 307.78, and Release 310 before 311.00, on Windows, lacks " (double quote) characters in the service path, which allows local users to gain privileges via a Trojan horse program. nvSCPAPISvr.exe en el servicio del controlador NVIDIA Stereoscopic 3D, y distribuido con el controlador NVIDIA anterior a v307.78, y Release v310 anterior a v311.00, en Windows, falta el carácter "(comillas dobles) en la ruta d... • http://www.kb.cert.org/vuls/id/957036 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2013-0111
https://notcve.org/view.php?id=CVE-2013-0111
08 Apr 2013 — daemonu.exe (aka the NVIDIA Update Service Daemon), as distributed with the NVIDIA driver before 307.78, and Release 310 before 311.00, on Windows, lacks " (double quote) characters in the service path, which allows local users to gain privileges via a Trojan horse program. daemonu.exe (también conocido como NVIDIA Update Service Daemon), distribuido con los controladores NVIDIA anterior a v307.78 y Release v310 anterior a v311.00, en Windows, le falta el carácter "(comillas dobles) en la ruta del servicio,... • http://www.kb.cert.org/vuls/id/957036 •