Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Software Updater Security Vulnerabilities

cve
cve

CVE-2023-3181

The C:\Program Files (x86)\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Temp~nsu.tmp and copies itself to it as Au_.exe. The C:\Windows\Temp~nsu.tmp\Au_.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an...

7.8CVSS

7.6AI Score

0.0004EPSS

2024-01-25 04:15 PM
18
cve
cve

CVE-2022-28944

Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network...

8.8CVSS

9.2AI Score

0.012EPSS

2022-05-23 06:16 PM
53
4
cve
cve

CVE-2020-5674

Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified...

7.8CVSS

7.7AI Score

0.001EPSS

2020-11-24 07:15 AM
43
cve
cve

CVE-2020-12431

A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16. Insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by forcing a permission change to any Splashtop files and directories, with...

6.6CVSS

6.6AI Score

0.0004EPSS

2020-05-21 05:15 PM
1412
cve
cve

CVE-2020-12463

An elevation of privilege vulnerability exists in Avira Software Updater before 2.0.6.27476 due to improperly handling file hard links. This allows local users to obtain take control of arbitrary...

7.8CVSS

7.6AI Score

0.0004EPSS

2020-05-05 10:15 PM
49
cve
cve

CVE-2019-17449

Avira Software Updater before 2.0.6.21094 allows a DLL side-loading attack. NOTE: The vendor thinks that this vulnerability is invalid because exploiting it would require at least administrator privileges and would gain only SYSTEM...

6.7CVSS

6.6AI Score

0.0004EPSS

2019-10-10 04:15 PM
29
cve
cve

CVE-2019-11396

An issue was discovered in Avira Free Security Suite 10. The permissive access rights on the SoftwareUpdater folder (files / folders and configuration) are incompatible with the privileged file manipulation performed by the product. Files can be created that can be used by an unprivileged user to.....

7.8CVSS

7.5AI Score

0.0004EPSS

2019-08-29 08:15 PM
17
cve
cve

CVE-2017-6466

F-Secure Software Updater 2.20, as distributed in several F-Secure products, downloads installation packages over plain http and does not perform file integrity validation after download. Man-in-the-middle attackers can replace the file with their own executable which will be executed under the...

8.1CVSS

8AI Score

0.001EPSS

2017-03-11 06:59 AM
16