21818 matches found
CVE-2025-34499
The CVE-2025-34499 entry concerns AnyDesk 7.0.15 and 9.0.1 with an unquoted service path that can allow local, non-privileged users to execute code with elevated SYSTEM privileges. Affected component is the Windows service path configuration; exploitation would involve injecting a malicious execu...
CVE-2025-34499 AnyDesk 9.0.1 Unquoted Service Path Privilege Escalation Vulnerability
AnyDesk 7.0.15 and 9.0.1 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated SYSTEM privileges. Attackers can exploit the unquoted service path configuration to inject malicious executables that will be run with high-lev...
CVE-2025-49642
Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to the /home/cecuser directory...
CVE-2025-54158
Missing authentication for critical function vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified vectors...
CVE-2025-8074
Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3-13973 allows local users to write arbitrary files with non-sensitive information via unspecified vectors...
CVE-2025-8074
Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3-13973 allows local users to write arbitrary files with non-sensitive information via unspecified vectors...
CVE-2025-54160
Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified vectors...
CVE-2025-54160
Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified vectors...
CVE-2025-8074
CVE-2025-8074 describes an origin validation error in Synology BeeDrive for desktop up to version 1.4.3-13973 . The flaw allows local users to write arbitrary files containing non-sensitive information via unspecified vectors, indicating a local-privilege/unauthorized-write possibility as stated ...
CVE-2025-8074
Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3-13973 allows local users to write arbitrary files with non-sensitive information via unspecified vectors...
EUVD-2025-201163
Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3-13973 allows local users to write arbitrary files with non-sensitive information via unspecified vectors...
CVE-2025-8074
Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3-13973 allows local users to write arbitrary files with non-sensitive information via unspecified vectors...
EUVD-2025-201165
Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified vectors...
CVE-2025-54160
Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified vectors...
PT-2025-49048
Name of the Vulnerable Software and Affected Versions Synology BeeDrive for desktop versions prior to 1.4.3-13973 Description A flaw exists in BeeDrive that allows local users to write arbitrary files containing non-sensitive information. The issue is due to an origin validation error...
PT-2025-49037
Name of the Vulnerable Software and Affected Versions Synology BeeDrive for desktop versions prior to 1.4.2-13960 Description A missing authentication check exists for a critical function within BeeDrive. This flaw allows local users to potentially execute arbitrary code through unspecified...
SUSE CVE-2025-49642
Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to the /home/cecuser directory...
CVE-2025-64642
NMIS/BioDose V22.02 and previous versions' installation directory paths by default have insecure file permissions, which in certain deployment scenarios can enable users on client workstations to modify the program executables and libraries...
EUVD-2025-199986
Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to the /home/cecuser directory...
CVE-2025-49642
Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to the /home/cecuser directory...