Lucene search
K

52 matches found

Positive Technologies
Positive Technologies
added 2024/12/03 12:0 a.m.9 views

PT-2024-35976 · Samsung · Samsung Magician

Name of the Vulnerable Software and Affected Versions: Samsung Magician version 8.1.0 Description: An issue was discovered in the installer of Samsung Magician on Windows, allowing an attacker to create arbitrary folders in the system permission directory via a symbolic link during the installati...

2.8CVSS6.2AI score0.00166EPSS
Exploits0References6
Citrix
Citrix
added 2024/10/18 12:0 a.m.13 views

VDA Installer Only Displays Splash Screen then Closes

When installing the workstation VDA, the Installer Splash Screen appears for a second then disappears. Nothing is logged in the installer logs There are no crashes reported in the eventlogs DebugView shows the installer exits with status Code: 1 Using the Citrix VDA Cleanup Utility Tool does not...

7.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/07/16 12:0 a.m.7 views

PT-2024-24920 · Software House · Software House Ccure 9000

Name of the Vulnerable Software and Affected Versions: Software House C•CURE 9000 affected versions not specified Description: The issue arises when the Software House C•CURE 9000 installer utilizes unnecessarily wide permissions under certain circumstances. Recommendations: At the moment, there ...

7.8CVSS7AI score0.00148EPSS
Exploits0References7
Citrix
Citrix
added 2024/07/13 12:0 a.m.9 views

Uninstallation of the Citrix License Server Fails with Error 1722

The uninstallation of the Citrix License Server fails and the following error message is displayed: “Product: Citrix Licensing -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or...

7AI score
Exploits0
Citrix
Citrix
added 2024/07/13 12:0 a.m.10 views

"Error 1722 . There is a problem with the Windows Installer package" on Provisioning Services

When removing or Installing the Citrix Provisioning Services PVS Server Console or Citrix Provisioning Services PVS target Device X64 from Add/Remove Programs or Provisioning services ISO, the following error message appears: “Error 1722. There is a problem with the Windows Installer package.A...

7.1AI score
Exploits0
CNNVD
CNNVD
added 2023/08/08 12:0 a.m.6 views

Zoom Client Code Issue Vulnerability

Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A security vulnerability previously existed in Zoom Desktop Client for Windows version 5.14.5, which stemmed from an untrusted search path issue in the installer...

7.8CVSS6.9AI score0.00287EPSS
Exploits0References2
Prion
Prion
added 2022/09/06 9:15 p.m.19 views

Privilege escalation

An issue was discovered in YSoft SAFEQ 6 before 6.0.72. Incorrect privileges were configured as part of the installer package for the Client V3 services, allowing for local user privilege escalation by overwriting the executable file via an alternative data stream. NOTE: this is not the same as...

4.3CVSS7.9AI score0.00362EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2022/08/30 9:15 p.m.29 views

CVE-2022-37173

An issue in the installer of gvim 9.0.0000 allows authenticated attackers to execute arbitrary code via a binary hijacking attack on C:\Program.exe...

7.8CVSS0.00182EPSS
Exploits0References1
CVE
CVE
added 2022/08/30 8:5 p.m.65 views

CVE-2022-37173

The CVE-2022-37173 entry describes a vulnerability in the gvim 9.0.0000 installer that allows authenticated attackers to execute arbitrary code via a binary hijacking attack on C:\Program.exe. Affected component: the installer. Root cause: binary hijacking during installation. Impact: remote arbi...

7.8CVSS7.7AI score0.00182EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2021/08/24 7:15 p.m.1 views

CVE-2021-28594

Adobe Creative Cloud Desktop Application installer version 2.4 and earlier is affected by an Uncontrolled Search Path Element vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this...

7.8CVSS7.6AI score0.02689EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/08/24 12:0 a.m.46 views

JVN#80288258: The installers of multiple Sony products may insecurely load Dynamic Link Libraries

The installers of multiple Sony products contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the latest installer by following the...

7.8CVSS7.8AI score0.00315EPSS
Exploits0
OSV
OSV
added 2021/03/19 8:15 p.m.6 views

CVE-2019-10128

A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for EnterpriseDB-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, this allows a...

7.8CVSS6.9AI score0.00445EPSS
Exploits1References3
Cvelist
Cvelist
added 2020/11/12 6:16 p.m.21 views

CVE-2020-12330

Improper permissions in the installer for the IntelR Falcon 8+ UAS AscTec Thermal Viewer, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8AI score0.00278EPSS
Exploits0References1
OSV
OSV
added 2020/09/03 2:15 p.m.6 views

CVE-2020-7382

Rapid7 Nexpose installer version prior to 6.6.40 contains an Unquoted Search Path which may allow an attacker on the local machine to insert an arbitrary file into the executable path. This issue affects: Rapid7 Nexpose versions prior to 6.6.40...

6.5CVSS6.7AI score0.00288EPSS
Exploits1References1
OSV
OSV
added 2020/02/11 3:15 p.m.2 views

UBUNTU-CVE-2020-6417

Inappropriate implementation in installer in Google Chrome prior to 80.0.3987.87 allowed a local attacker to execute arbitrary code via a crafted registry entry...

7.8CVSS7.5AI score0.00295EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/05/24 6:25 a.m.7 views

The installer of PlayMemories Home for Windows may insecurely load Dynamic Link Libraries

Overview PlayMemories Home for Windows provided by Sony Corporation is Image Management Software. The installer of PlayMemories Home for Windows contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Yuji Tounai of NTT Communications...

7.8CVSS7AI score0.01027EPSS
Exploits0References6
OSV
OSV
added 2017/12/31 3:14 p.m.9 views

MGASA-2017-0482 Updated ruby-RubyGems packages fix security vulnerabilities

An ANSI escape sequence vulnerability CVE-2017-0899. A DoS vulnerability in the query command CVE-2017-0900. A vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files CVE-2017-0901. A DNS request hijacking vulnerability CVE-2017-0902. An unsafe object...

9.8CVSS8.6AI score0.29442EPSS
Exploits6References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/10/11 12:0 a.m.61 views

JVN#94056834: Installer of HIBUN Confidential File Viewer may insecurely load Dynamic Link Libraries and invoke executable files

Installer of HIBUN Confidential File Viewer provided by Hitachi Solutions, Ltd. contains an issue with the search path for DLL/executable files, which may lead to insecurely loading Dynamic Link Libraries and invoking executable files CWE-427. Impact Arbitrary code may be executed with the...

9.3CVSS7.8AI score0.01008EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/25 12:0 a.m.75 views

JVN#36303528: Installer and self-extracting archive containing the installer of "Security Setup Tool" may insecurely load Dynamic Link Libraries

The installer and the self-extracting archive containing the installer of "Security Setup Tool" provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be...

9.3CVSS7.7AI score0.01059EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/17 8:29 a.m.4 views

Installer of Shin Kinkyuji Houkoku Data Nyuryoku Program may insecurely load Dynamic Link Libraries

Overview Installer of Shin Kinkyuji Houkoku Data Nyuryoku Program provided by Agency for Natural Resources and Energy of METI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability ...

9.3CVSS6.8AI score0.01238EPSS
Exploits0References6
Rows per page
Query Builder