Lucene search
K

89 matches found

OSV
OSV
added 2025/12/17 6:14 p.m.6 views

CVE-2025-13326 Mattermost Desktop App fails to enable Hardened Runtime when packaged for Mac App Store

Mattermost Desktop App versions 6.0.0 fail to enable the Hardened Runtime on the Mattermost Desktop App when packaged for Mac App Store which allows an attacker to inherit TCC permissions via copying the binary to a tmp folder...

3.9CVSS6AI score0.00093EPSS
Exploits0References3
NVD
NVD
added 2025/12/17 5:15 p.m.9 views

CVE-2025-53919

An issue was discovered in the Portrait Dell Color Management application through 3.3.008 for Dell monitors, It creates a temporary folder, with weak permissions, during installation and uninstallation. A low-privileged attacker with local access could potentially exploit this, leading to elevati...

7.8CVSS0.00095EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/17 12:0 a.m.5 views

CVE-2025-53919

An issue was discovered in the Portrait Dell Color Management application through 3.3.008 for Dell monitors, It creates a temporary folder, with weak permissions, during installation and uninstallation. A low-privileged attacker with local access could potentially exploit this, leading to elevati...

6.2AI score0.00095EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.4 views

Portrait Displays Dell Color Management 安全漏洞

Portrait Displays Dell Color Management is a color management software from Portrait Displays, Inc. A security vulnerability exists in Portrait Displays Dell Color Management version 3.3.8, which stems from an improperly set permissions on a temporary folder created when using a custom installati...

7.8CVSS6.7AI score0.001EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/17 12:0 a.m.24 views

CVE-2025-53919

An issue was discovered in the Portrait Dell Color Management application through 3.3.008 for Dell monitors, It creates a temporary folder, with weak permissions, during installation and uninstallation. A low-privileged attacker with local access could potentially exploit this, leading to elevati...

0.00095EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/17 12:0 a.m.5 views

PT-2025-51844

Name of the Vulnerable Software and Affected Versions Portrait Dell Color Management versions through 3.3.008 Description The Portrait Dell Color Management application creates a temporary folder with weak permissions during installation and uninstallation. A local attacker with limited privilege...

7.8CVSS6.3AI score0.00095EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2025/12/03 2:35 a.m.119 views

Exploit for CVE-2025-63946

CVE-2025-63946 Tencent PC Manager EoP version: PCManager Ver...

5.8AI score0.00181EPSS
Exploits2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-14360

Malware in sbrugna...

7.8CVSS7.7AI score0.00258EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-7752

Malware in sbrugna...

4.3CVSS4.8AI score0.00419EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-1400

Malware in sbrugna...

5.5CVSS6.1AI score0.01695EPSS
Exploits1References77
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-27534

Malicious code in bioql PyPI...

7CVSS6.6AI score0.0013EPSS
Exploits0References1
OSV
OSV
added 2024/07/28 3:15 a.m.4 views

CVE-2024-42052

The MSI installer for Splashtop Streamer for Windows before 3.5.8.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by placing a wevtutil.exe file in the folder...

7.8CVSS5.8AI score0.00213EPSS
Exploits0References2
OSV
OSV
added 2024/07/28 3:15 a.m.5 views

CVE-2024-42053

The MSI installer for Splashtop Streamer for Windows before 3.6.0.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by placing a version.dll file in the folder...

7.8CVSS5.8AI score0.00155EPSS
Exploits0References2
NVD
NVD
added 2024/07/28 3:15 a.m.12 views

CVE-2024-42050

The MSI installer for Splashtop Streamer for Windows before 3.7.0.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM via an oplock on CredProviderInst.reg...

7CVSS0.0014EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/28 12:0 a.m.6 views

PT-2024-29712 · Splashtop · Splashtop Streamer

Name of the Vulnerable Software and Affected Versions: Splashtop Streamer for Windows versions prior to 3.5.8.0 Description: The issue concerns the MSI installer for Splashtop Streamer for Windows, which uses a temporary folder with weak permissions during installation. A local user can exploit...

7.8CVSS7.3AI score0.00213EPSS
Exploits0References6
CVE
CVE
added 2024/07/28 12:0 a.m.47 views

CVE-2024-42053

The CVE concerns Splashtop Streamer for Windows prior to version 3.6.0.0. The MSI installer creates a temporary folder with weak permissions, allowing a local attacker to place a malicious version.dll and escalate to SYSTEM during installation. Affected component: MSI installer for Windows; root ...

7.8CVSS7.2AI score0.00155EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/07/28 12:0 a.m.62 views

CVE-2024-42051

The CVE-2024-42051 issue affects Splashtop Streamer for Windows before version 3.6.2.0. The MSI installer uses a temporary folder with weak permissions during installation, allowing a local user to escalate privileges to SYSTEM by replacing InstRegExp.reg. The vulnerability is a local privilege e...

7.8CVSS7.2AI score0.00155EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/07/28 12:0 a.m.75 views

CVE-2024-42050

The CVE-2024-42050 entry concerns Splashtop Streamer for Windows. The vulnerability stems from the MSI installer creating a temporary folder with weak permissions during installation, enabling a local user to escalate privileges to SYSTEM by triggering an oplock on CredProvider_Inst.reg. Affected...

7CVSS7.2AI score0.0014EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/07/28 12:0 a.m.7 views

Splashtop Streamer 安全漏洞

Splashtop Streamer is a remote access and remote support software from Splashtop USA. A security vulnerability exists in Splashtop Streamer versions prior to 3.6.0.0 that originates from the MSI installer using a temporary folder with weak privileges during installation. An attacker could exploit...

7.8CVSS6.7AI score0.00155EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/07/28 12:0 a.m.8 views

Splashtop Streamer 安全漏洞

Splashtop Streamer is a remote access and remote support software from Splashtop USA. A security vulnerability exists in Splashtop Streamer prior to version 3.7.0.0, which originates from the MSI installer using a temporary folder with weak privileges during installation. An attacker could exploi...

7CVSS6.7AI score0.0014EPSS
Exploits0References3
Rows per page
Query Builder