51 matches found
PT-2024-15851 · Telerik · Telerik Reporting
Name of the Vulnerable Software and Affected Versions: Telerik Reporting versions prior to 2024 R1 Description: A privilege elevation vulnerability has been identified in the application's installer component. In an environment where an existing Telerik Reporting install is present, a lower...
PT-2024-15806 · European Chemicals Agency · Iuclid
Name of the Vulnerable Software and Affected Versions: European Chemicals Agency IUCLID version 7.10.3 Description: A critical vulnerability was found in the European Chemicals Agency IUCLID, affecting an unknown function of the file iuclid6.exe of the component Desktop Installer. The manipulatio...
PT-2023-5911 · Google +4 · Google Chrome +4
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 118.0.5993.70 Description: The issue is related to an inappropriate implementation in the Installer component of Google Chrome, which allowed a local attacker to bypass discretionary access control via a crafte...
Google Chrome Installer Component Security Bypass Vulnerability
Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in the Google Chrome Installer component, which can be exploited by attackers to bypass security restrictions...
SUSE CVE-2016-15003
A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of the component Installer. The manipulation leads to unquoted search path. The attack can be initiate...
CVE-2023-23698
Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vulnerability leading to arbitrary file delete...
Xataface 跨站脚本漏洞
Xataface is a framework for building rich data-driven applications in PHP and MySQL by Steve Hannah, a personal developer. A cross-site scripting vulnerability in Xataface 2.x and prior versions, which stems from the testftp function in the install/installform.js.php file of its Installer...
PT-2023-12407 · Shannah · Xataface
Name of the Vulnerable Software and Affected Versions: shannah Xataface versions up to 2.x Description: A problematic issue has been found in the function testftp of the file install/install form.js.php of the component Installer, leading to cross site scripting. The attack may be launched...
PT-2022-3952 · Unknown · Ossn Open Source Social Network
Name of the Vulnerable Software and Affected Versions: Open Source Social Network version 6.3 LTS Description: The issue is related to an arbitrary file upload vulnerability in the /ossn/administrator/com installer component. This vulnerability allows attackers to execute arbitrary code via a...
CVE-2016-15003
A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of the component Installer. The manipulation leads to unquoted search path. The attack can be initiate...
Code injection
A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of the component Installer. The manipulation leads to unquoted search path. The attack can be initiate...
CVE-2017-20018
A vulnerability was found in XAMPP 7.1.1-0-VC14. It has been classified as problematic. Affected is an unknown function of the component Installer. The manipulation leads to privilege escalation. It is possible to launch the attack remotely...
Cross site scripting
A cross-site scripting XSS vulnerability in the installer component of Mautic before 4.3.0 allows admins to inject executable javascript...
CVE-2021-20051
SonicWall Global VPN Client 4.10.7.1117 installer 32-bit and 64-bit and earlier versions have a DLL Search Order Hijacking vulnerability in one of the installer components. Successful exploitation via a local attacker could result in command execution in the target system...
The vulnerability of the Edge Installer component of the Microsoft Edge browser allows a perpetrator to elevate their privileges and execute arbitrary code.
The vulnerability of the Microsoft Edge browser’s Edge Installer component is related to errors during the connection to directories. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code...
Apple macOS 输入验证错误漏洞
Apple macOS is a proprietary operating system from Apple Inc. that was developed specifically for Mac computers. An input validation error vulnerability exists in macOS, which arises from insufficient validation of user-supplied input within the installer component when processing metadata. The...
Security Updates for Microsoft Visual Studio Products (April 2021)
The Microsoft Visual Studio Products are missing a security update. It is, therefore, affected by the multiple vulnerabilities, including the following: - A privilege escalation vulnerability exists in Microsoft Visual Studio's installer component. An authenticated, local attacker can exploit thi...
The vulnerability of the Windows operating system, related to insecure management of privileges, allows a perpetrator to elevate their privileges.
The vulnerability of the Windows operating system’s Installer component is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...
The vulnerability of the Installer component in Intel Dynamic Application Loader (DAL) software allows a hacker to enhance their privileges.
The vulnerability of the Installer component in Intel Dynamic Application Loader DAL software is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...
CVE-2020-24433 Adobe Acrobat Reader DC Local Privilege Escalation via Installer Component
Adobe Acrobat Reader DC versions 2020.012.20048 and earlier, 2020.001.30005 and earlier and 2017.011.30175 and earlier are affected by a local privilege escalation vulnerability that could enable a user without administrator privileges to delete arbitrary files and potentially execute arbitrary...