CVE-2023-37490

SAP Business Objects Installer - versions 420, 430, allows an authenticated attacker within the network to overwrite an executable file created in a temporary directory during the installation process. On replacing this executable with a malicious file, an attacker can completely compromise the...

CVE-2022-48226

An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During installation, an EXE gets executed out of C:\Windows\Temp. A standard user can create the path file ahead of time and obtain elevated code execution. Permissions need to be modified to prevent manipulation...

The vulnerability of the File System API interface of Google Chrome allows a remote attacker to bypass the SafeBrowsing security mechanism.

The vulnerability of the Google Chrome browser’s File System API allows a malicious actor to bypass the SafeBrowsing security mechanism for executable files. This can be achieved by creating an executable file in a temporary file system, and then accessing it using a request of the...

Novell ZENworks Endpoint Security Management security client privilege escalation

Application launch with SYSTEM privileges by relative path, temporary executable files creatin in user-controlled directory...