When the directory containing the installer does not have sufficiently restrictive file permissions, an attacker can modify (or replace) the installer to execute malicious...
7.8CVSS
7.7AI Score
0.001EPSS
An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended...
7.8CVSS
7.6AI Score
0.001EPSS
nw-with-arm is a NW Installer including ARM-Build. nw-with-arm downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the....
8.1CVSS
8.2AI Score
0.002EPSS
fedora-arm-installer up to and including 1.99.16 is vulnerable to local privilege escalation due to lack of checking the error condition of mount operation failure on unsafely created temporary...
7CVSS
6.8AI Score
0.0004EPSS