Lucene search
K

51 matches found

Positive Technologies
Positive Technologies
added 2024/01/31 12:0 a.m.8 views

PT-2024-15851 · Telerik · Telerik Reporting

Name of the Vulnerable Software and Affected Versions: Telerik Reporting versions prior to 2024 R1 Description: A privilege elevation vulnerability has been identified in the application's installer component. In an environment where an existing Telerik Reporting install is present, a lower...

7.8CVSS7.5AI score0.00193EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/01/21 12:0 a.m.6 views

PT-2024-15806 · European Chemicals Agency · Iuclid

Name of the Vulnerable Software and Affected Versions: European Chemicals Agency IUCLID version 7.10.3 Description: A critical vulnerability was found in the European Chemicals Agency IUCLID, affecting an unknown function of the file iuclid6.exe of the component Desktop Installer. The manipulatio...

7.1CVSS7AI score0.00278EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2023/10/10 12:0 a.m.15 views

PT-2023-5911 · Google +4 · Google Chrome +4

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 118.0.5993.70 Description: The issue is related to an inappropriate implementation in the Installer component of Google Chrome, which allowed a local attacker to bypass discretionary access control via a crafte...

9.8CVSS6.5AI score0.99735EPSS
Exploits128References1113
CNVD
CNVD
added 2023/05/31 12:0 a.m.22 views

Google Chrome Installer Component Security Bypass Vulnerability

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in the Google Chrome Installer component, which can be exploited by attackers to bypass security restrictions...

7.8CVSS6.7AI score0.00454EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:53 a.m.4 views

SUSE CVE-2016-15003

A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of the component Installer. The manipulation leads to unquoted search path. The attack can be initiate...

7.8CVSS8.2AI score0.00738EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/02/10 12:20 p.m.22 views

CVE-2023-23698

Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vulnerability leading to arbitrary file delete...

5.5CVSS7.1AI score0.00176EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/01/05 12:0 a.m.4 views

Xataface 跨站脚本漏洞

Xataface is a framework for building rich data-driven applications in PHP and MySQL by Steve Hannah, a personal developer. A cross-site scripting vulnerability in Xataface 2.x and prior versions, which stems from the testftp function in the install/installform.js.php file of its Installer...

6.1CVSS4.2AI score0.00507EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/01/05 12:0 a.m.4 views

PT-2023-12407 · Shannah · Xataface

Name of the Vulnerable Software and Affected Versions: shannah Xataface versions up to 2.x Description: A problematic issue has been found in the function testftp of the file install/install form.js.php of the component Installer, leading to cross site scripting. The attack may be launched...

6.1CVSS4AI score0.00507EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2022/07/25 12:0 a.m.7 views

PT-2022-3952 · Unknown · Ossn Open Source Social Network

Name of the Vulnerable Software and Affected Versions: Open Source Social Network version 6.3 LTS Description: The issue is related to an arbitrary file upload vulnerability in the /ossn/administrator/com installer component. This vulnerability allows attackers to execute arbitrary code via a...

9CVSS7.7AI score0.01574EPSS
Exploits1References12
OSV
OSV
added 2022/07/18 9:15 a.m.3 views

CVE-2016-15003

A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of the component Installer. The manipulation leads to unquoted search path. The attack can be initiate...

7.8CVSS4.8AI score0.00738EPSS
Exploits1References3
Prion
Prion
added 2022/07/18 9:15 a.m.24 views

Code injection

A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of the component Installer. The manipulation leads to unquoted search path. The attack can be initiate...

4.3CVSS7.2AI score0.00738EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/06/09 11:15 p.m.1 views

CVE-2017-20018

A vulnerability was found in XAMPP 7.1.1-0-VC14. It has been classified as problematic. Affected is an unknown function of the component Installer. The manipulation leads to privilege escalation. It is possible to launch the attack remotely...

7.8CVSS4.8AI score
Exploits0References2
Prion
Prion
added 2022/06/01 4:15 p.m.15 views

Cross site scripting

A cross-site scripting XSS vulnerability in the installer component of Mautic before 4.3.0 allows admins to inject executable javascript...

3.5CVSS4.8AI score0.00436EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/05/04 4:15 p.m.2 views

CVE-2021-20051

SonicWall Global VPN Client 4.10.7.1117 installer 32-bit and 64-bit and earlier versions have a DLL Search Order Hijacking vulnerability in one of the installer components. Successful exploitation via a local attacker could result in command execution in the target system...

7.8CVSS5.9AI score0.00697EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/08/10 12:0 a.m.8 views

The vulnerability of the Edge Installer component of the Microsoft Edge browser allows a perpetrator to elevate their privileges and execute arbitrary code.

The vulnerability of the Microsoft Edge browser’s Edge Installer component is related to errors during the connection to directories. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code...

7CVSS6.8AI score0.00729EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2021/04/27 12:0 a.m.3 views

Apple macOS 输入验证错误漏洞

Apple macOS is a proprietary operating system from Apple Inc. that was developed specifically for Mac computers. An input validation error vulnerability exists in macOS, which arises from insufficient validation of user-supplied input within the installer component when processing metadata. The...

5.5CVSS5.7AI score0.00388EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/04/14 12:0 a.m.87 views

Security Updates for Microsoft Visual Studio Products (April 2021)

The Microsoft Visual Studio Products are missing a security update. It is, therefore, affected by the multiple vulnerabilities, including the following: - A privilege escalation vulnerability exists in Microsoft Visual Studio's installer component. An authenticated, local attacker can exploit thi...

7.8CVSS7.3AI score0.01281EPSS
Exploits0References9
BDU FSTEC
BDU FSTEC
added 2021/03/30 12:0 a.m.6 views

The vulnerability of the Windows operating system, related to insecure management of privileges, allows a perpetrator to elevate their privileges.

The vulnerability of the Windows operating system’s Installer component is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.8CVSS7.1AI score0.01198EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/11/26 12:0 a.m.5 views

The vulnerability of the Installer component in Intel Dynamic Application Loader (DAL) software allows a hacker to enhance their privileges.

The vulnerability of the Installer component in Intel Dynamic Application Loader DAL software is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

8.2CVSS7.2AI score0.00352EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/11/05 7:32 p.m.21 views

CVE-2020-24433 Adobe Acrobat Reader DC Local Privilege Escalation via Installer Component

Adobe Acrobat Reader DC versions 2020.012.20048 and earlier, 2020.001.30005 and earlier and 2017.011.30175 and earlier are affected by a local privilege escalation vulnerability that could enable a user without administrator privileges to delete arbitrary files and potentially execute arbitrary...

7.8CVSS7.8AI score0.1524EPSS
Exploits0References1
Rows per page
Query Builder