PT-2026-1576

Name of the Vulnerable Software and Affected Versions HCL BigFix IVR version 4.2 Description The local setup interface component suffers from improper authentication and a lack of CSRF protection. This allows a local attacker to make unauthorized configuration changes by sending unauthenticated...

CVE-2025-5496

ZohoCorp ManageEngine Endpoint Central versions earlier than 11.4.2508.14, 11.4.2516.06, and 11.4.2518.01 are affected by an arbitrary file deletion vulnerability in the agent setup component...

CVE-2025-5496

ZohoCorp ManageEngine Endpoint Central is affected by an arbitrary file deletion vulnerability in the agent setup component for versions earlier than 11.4.2508.14, 11.4.2516.06, and 11.4.2518.01. The issue is described as a local vulnerability with low impact to integrity and no confidentiality/a...

CVE-2025-5496 Arbitrary File Deletion

ZohoCorp ManageEngine Endpoint Central versions earlier than 11.4.2508.14, 11.4.2516.06, and 11.4.2518.01 are affected by an arbitrary file deletion vulnerability in the agent setup component...

ZOHO ManageEngine Endpoint Central 安全漏洞

ZOHO ManageEngine Endpoint Central is a desktop management system from ZOHO USA. A security vulnerability exists in ZOHO ManageEngine Endpoint Central versions prior to 11.4.2508.14, 11.4.2516.06, and 11.4.2518.01, which stems from an arbitrary file deletion vulnerability in the agent setup...

EUVD-2018-17457

Malware in sbrugna...

EUVD-2025-24250

Malicious code in bioql PyPI...

PT-2025-34378 · Pdq · Pdq Smart Deploy

Name of the Vulnerable Software and Affected Versions: PDQ Smart Deploy version 3.0.2040 Description: An insecure permissions issue exists in PDQ Smart Deploy version 3.0.2040. A local attacker can execute arbitrary code via the HKLMSYSTEMSetupSmartDeploy component. Recommendations: At the moment...

CVE-2025-30033

The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected setup component...

CVE-2025-30033

The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected setup component...

CVE-2025-30033

The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected setup component...

CVE-2025-30033

CVE-2025-30033 is a DLL hijacking vulnerability in a Siemens setup component that could allow an attacker to execute arbitrary code at install time when a legitimate user runs an application using the affected installer. The vulnerability is documented across multiple sources (Siemens ProductCERT...

CVE-2025-30033

The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected setup component...

PT-2025-32647 · Siemens · Automation License Manager V6.0 +134

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an...

CVE-2023-50677

An issue in NETGEAR-DGND4000 v.1.1.00.151.00.15 allows a remote attacker to escalate privileges via the nextfile parameter to the /setup.cgi component...

The vulnerability of the Setup sub-component, part of the Admin component in Oracle Knowledge Management, a system for automating business processes within the Oracle E-Business Suite, allows an attacker to gain access to read, modify, add, or delete data.

The vulnerability of the Setup sub-component and the Admin component of Oracle Knowledge Management, a system for automating business processes within the Oracle E-Business Suite, exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating...

The vulnerability of the Setup sub-component, part of the Admin component in Oracle Knowledge Management, a system for automating business processes within the Oracle E-Business Suite, allows an attacker to gain access to read, modify, add, or delete data.

The vulnerability of the Setup sub-component and the Admin component of Oracle Knowledge Management, a system for automating business processes within the Oracle E-Business Suite, exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating...

The vulnerability of the Setup sub-component of the Oracle Learning Management component in the Oracle E-Business Suite allows a perpetrator to manipulate data.

The vulnerability of the Setup sub-component of the Oracle Learning Management component in the Oracle E-Business Suite system relates to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to manipulate data remotely...

CVE-2023-21852

Vulnerability in the Oracle Learning Management product of Oracle E-Business Suite component: Setup. Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Learning Management...

PT-2023-1180 · Oracle · Oracle Learning Management +1

Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite versions 12.2.3 through 12.2.12 Description: The issue is related to insufficient input validation in the Setup component of the Oracle Learning Management product. This can be exploited by a remote attacker to...