CVE-2025-10198 LizardBytes Sunshine for Windows contains a DLL search-order hijacking vulnerability

Sunshine for Windows, version v2025.122.141614, contains a DLL search-order hijacking vulnerability, allowing attackers to insert a malicious DLL in user-writeable PATH directories...

Exploit for CVE-2024-32019

CVE-2024-32019-POC Netdata ndsudo local privilage escalation w...

CVE-2023-1577

A path hijacking vulnerability was reported in Lenovo Driver Manager prior to version 3.1.1307.1308 that could allow a local user to execute code with elevated privileges...

Flexera FlexNet Publisher 安全漏洞

Flexera FlexNet Publisher FLEXlm is a software license management core component of the Entitlement Relationship Management Solution from Flexera, USA. The product provides software and hardware manufacturers with the ability to price, package and customize software license terms. A security...

BIT-PYTHON-MIN-2022-26488

In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabl...

K000149184: Python vulnerabilities CVE-2022-26488, CVE-2019-16056, and CVE-2019-5010

Security Advisory Description CVE-2022-26488 In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must...

BIT-NODE-MIN-2021-22921

Node.js before 16.4.1, 14.17.2, and 12.22.2 is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. More specifically, improper configuration of permissions in the installation directory allows an attacker to perform two different escalation attacks: PAT...

CVE-2023-1577

A path hijacking vulnerability was reported in Lenovo Driver Manager prior to version 3.1.1307.1308 that could allow a local user to execute code with elevated privileges...

CVE-2023-1577

Lenovo Driver Manager is affected by a path hijacking vulnerability in versions prior to 3.1.1307.1308, potentially allowing a local user to execute code with elevated privileges. The issue is documented across multiple sources (e.g., PT-Security PT-2024-11939) and affects Lenovo Driver Manager s...

CVE-2023-1577

A path hijacking vulnerability was reported in Lenovo Driver Manager prior to version 3.1.1307.1308 that could allow a local user to execute code with elevated privileges...

Lenovo Driver Manager 安全漏洞

Lenovo Driver Manager is a device management software from Lenovo China. A security vulnerability exists in Lenovo Driver Manager versions prior to 3.1.1307.1308, which stems from a path hijacking vulnerability that could allow a local user to execute code with elevated privileges...

Huawei EulerOS: Security Advisory for git (EulerOS-SA-2023-2312)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2021-22921

Node.js before 16.4.1, 14.17.2, and 12.22.2 is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. More specifically, improper configuration of permissions in the installation directory allows an attacker to perform two different escalation attacks: PAT...

InstallBuilder代码问题漏洞

Vmware InstallBuilder is a multi-platform installer development and automatic update tool from Vmware. InstallBuilder suffers from a security vulnerability that stems from the fact that under certain circumstances, when manipulating the Windows registry, InstallBuilder uses the reg.exe system...

CVE-2021-22921

Node.js before 16.4.1, 14.17.2, and 12.22.2 is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. More specifically, improper configuration of permissions in the installation directory allows an attacker to perform two different escalation attacks: PAT...

CVE-2021-22921

Node.js before 16.4.1, 14.17.2, and 12.22.2 is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. More specifically, improper configuration of permissions in the installation directory allows an attacker to perform two different escalation attacks: PAT...

CVE-2021-22921

Node.js before 16.4.1, 14.17.2, and 12.22.2 is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. More specifically, improper configuration of permissions in the installation directory allows an attacker to perform two different escalation attacks: PAT...

CVE-2021-22921

Node.js before 16.4.1, 14.17.2, and 12.22.2 is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. More specifically, improper configuration of permissions in the installation directory allows an attacker to perform two different escalation attacks: PAT...

CVE-2021-22921

Node.js before 16.4.1, 14.17.2, and 12.22.2 is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. More specifically, improper configuration of permissions in the installation directory allows an attacker to perform two different escalation attacks: PAT...

CVE-2021-22921

CVE-2021-22921 affects Node.js on Windows prior to 16.4.1, 14.17.2, and 12.22.2. The root cause is improper installation directory permissions which enable PATH and DLL hijacking, enabling local privilege escalation. Reported impacts include elevation of privileges with potential PATH/DLL hijack ...