CVE-2026-7990

An insufficient validation of untrusted input flaw was found in the Updater component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=498892267...

PT-2026-38183

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description Insufficient validation of untrusted input in the Updater component on Windows allows a local attacker to achieve OS-level privilege escalation by using a malicious file. Recommendation...

CVE-2026-27748

CVE-2026-27748 relates to Avira Internet Security’s Software Updater. The vulnerability stems from improper link resolution: a SYSTEM‑level updater process may delete a file under C:\ProgramData by following symbolic links or reparse points, allowing a local attacker to redirect the delete to an ...

New Veeam Flaw Allows Arbitrary Code Execution via Man-in-the-Middle Attack

Veeam has released patches to address a critical security flaw impacting its Backup software that could allow an attacker to execute arbitrary code on susceptible systems. The vulnerability, tracked as CVE-2025-23114 , carries a CVSS score of 9.0 out of 10.0. "A vulnerability within the Veeam...

PT-2024-5220 · Google +3 · Google Chrome +3

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 120.0.6099.62 Description: The issue is related to insufficient data validation in the Updater component of Google Chrome, allowing a remote attacker to perform OS-level privilege escalation via a malicious fil...

Tesla 安全漏洞

Tesla is an electric vehicle from the American company Tesla. A security vulnerability exists in Tesla Model 3 that stems from the iceupdater component not properly validating user-supplied firmware...

CVE-2022-28944

Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network...

PT-2022-6271 · Emco · Unlock It +7

Name of the Vulnerable Software and Affected Versions: EMCO Software products, including MSI Package Builder for Windows version 9.1.4 Remote Installer for Windows version 6.0.13 Ping Monitor for Windows version 8.0.18 Remote Shutdown for Windows version 7.2.2 WakeOnLan version 2.0.8 Network...

Design/Logic Flaw

An insecure update feature in the /updater.php component of rConfig 3.9.6 and below allows attackers to execute arbitrary code via a crafted ZIP file...

CVE-2020-8500

In Artica Pandora FMS 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the Updater or Extension component. NOTE: The vendor reports that this is intended functionality...

Code injection

In Artica Pandora FMS 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the Updater or Extension component. NOTE: The vendor reports that this is intended functionality...

CVE-2020-8500

In Artica Pandora FMS 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the Updater or Extension component. NOTE: The vendor reports that this is intended functionality...

PT-2020-20179 · Artica · Artica Pandora Fms

Name of the Vulnerable Software and Affected Versions: Artica Pandora FMS version 7.42 Description: The issue allows Web Admin users to execute arbitrary code by uploading a .php file via the Updater or Extension component. However, the vendor reports that this functionality is intended...