7 matches found
EUVD-2023-33776
Malicious code in bioql PyPI...
EUVD-2021-31665
Malicious code in bioql PyPI...
CVE-2024-13177
Netskope Client on Mac OS is impacted by a vulnerability in which the postinstall script does not properly validate the path of the file “nsinstallation”. A standard user could potentially create a symlink of the file “nsinstallation” to escalate the privileges of a different file on the system...
CVE-2024-13177
CVE-2024-13177 affects Netskope Client on macOS where the postinstall script fails to validate the path of the nsinstallation file, allowing a local attacker to create a symlink to escalate privileges to a different file. Reported impact is privilege escalation with affected versions before 123.0...
Netskope Client 安全漏洞
Netskope Client is a client program from Netskope USA for connecting to manage the Netskope Cloud Platform. A security vulnerability exists in Netskope Client that stems from a postinstall script that does not properly validate the path to the nsinstallation file, which could lead to elevation of...
CVE-2022-4149 Local privilege escalation using log file
The Netskope client service prior to R96 on Windows runs as NT AUTHORITY\SYSTEM which writes log files to a writable directory C:\Users\Public\netSkope for a standard user. The files are created and written with a SYSTEM account except one file logplaceholder which inherits permission giving all...
CVE-2021-44862 Sensitive Information store in NSClient logs
Netskope client is impacted by a vulnerability where an authenticated, local attacker can view sensitive information stored in NSClient logs which should be restricted. The vulnerability exists because the sensitive information is not masked/scrubbed before writing in the logs. A malicious user c...