156 matches found
CVE-2025-61667
The Datadog Agent collects events and metrics from hosts and sends them to Datadog. A vulnerability within the Datadog Linux Host Agent versions 7.65.0 through 7.70.2 exists due to insufficient permissions being set on the opt/datadog-agent/python-scripts/pycache directory during installation. Co...
CVE-2025-11535
MongoDB Connector for BI installation via MSI on Windows leaves ACLs unset on custom install directories allows Privilege Escalation.This issue affects MongoDB Connector for BI: from 2.0.0 through 2.14.24...
EUVD-2020-18671
Malware in sbrugna...
EUVD-2025-20269
Malicious code in bioql PyPI...
EUVD-2022-33715
Malicious code in bioql PyPI...
EUVD-2025-27593
Malicious code in bioql PyPI...
EUVD-2022-39269
Malicious code in bioql PyPI...
CVE-2025-57392
BenimPOS Masaustu 3.0.x is affected by insecure file permissions. The application installation directory grants Everyone and BUILTIN\Users groups FILEALLACCESS, allowing local users to replace or modify .exe and .dll files. This may lead to privilege escalation or arbitrary code execution upon...
CVE-2012-10051
Photodex ProShow Producer version 5.0.3256 contains a stack-based buffer overflow vulnerability in the handling of plugin load list files. When a specially crafted load file is placed in the installation directory, the application fails to properly validate its contents, leading to a buffer...
CVE-2025-36014
IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.5 is vulnerable to code injection by a privileged user with access to the IIB install directory...
CVE-2025-36014
IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.5 is vulnerable to code injection by a privileged user with access to the IIB install directory...
CVE-2025-36014
IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.5 is vulnerable to code injection by a privileged user with access to the IIB install directory...
Tenable Network Monitor Elevation of Privilege Vulnerability
Tenable Network Monitor is an open source system vulnerability scanner developed by Tenable Inc. in the United States, mainly used for network vulnerability scanning and security assessment. Tenable Network Monitor suffers from an elevation of privilege vulnerability, which stems from improperly...
CVE-2025-20298
In Universal Forwarder for Windows versions below 9.4.2, 9.3.4, 9.2.6, and 9.1.9, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Universal Forwarder for Windows Installation directory by default, C:\Program...
CVE-2022-36563
Incorrect access control in the install directory C:\RailsInstaller of Rubyinstaller2 v3.1.2 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory...
CVE-2014-5093
Status2k does not remove the install directory allowing credential reset...
Arbitrary Code Execution
Overview Affected versions of this package are vulnerable to Arbitrary Code Execution by implanting a malicious wheel file in pip's installation directory, which will replace the module being installed and get executed during installation. Note: The specific vulnerable behavior arises because...
OpenVPN Security Vulnerabilities
OpenVPN is a software package from US-based OpenVPN for creating encrypted tunnels for Virtual Private Networks VPNs, which uses the OpenSSL library to encrypt data and control information, and allows the created VPN to be authenticated using a public key, an electronic certificate, or a...
CVE-2024-0246
A vulnerability classified as problematic has been found in IceWarp 12.0.2.1/12.0.3.1. This affects an unknown part of the file /install/ of the component Utility Download Handler. The manipulation of the argument lang with the input 1%27"%26%25alertdocument.domain leads to cross site scripting. ...
PT-2024-15408 · Icewarp · Icewarp
Name of the Vulnerable Software and Affected Versions: IceWarp versions 12.0.2.1 through 12.0.3.1 Description: A problematic issue has been discovered, affecting the Utility Download Handler component in the /install/ file. The issue can be exploited by manipulating the lang argument with a...