CVE-2026-12468

An inappropriate implementation flaw was found in the Updater component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=521485244...

CVE-2026-11115

An use after free flaw was found in the Updater component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=501370283...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from a problem with the Updater component, where objects were reused after being released. This could allow local...

CVE-2026-7990

An insufficient validation of untrusted input flaw was found in the Updater component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=498892267...

PT-2026-38183

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description Insufficient validation of untrusted input in the Updater component on Windows allows a local attacker to achieve OS-level privilege escalation by using a malicious file. Recommendation...

CVE-2026-27748

CVE-2026-27748 relates to Avira Internet Security’s Software Updater. The vulnerability stems from improper link resolution: a SYSTEM‑level updater process may delete a file under C:\ProgramData by following symbolic links or reparse points, allowing a local attacker to redirect the delete to an ...

New Veeam Flaw Allows Arbitrary Code Execution via Man-in-the-Middle Attack

Veeam has released patches to address a critical security flaw impacting its Backup software that could allow an attacker to execute arbitrary code on susceptible systems. The vulnerability, tracked as CVE-2025-23114 , carries a CVSS score of 9.0 out of 10.0. "A vulnerability within the Veeam...

PT-2024-5220 · Google +3 · Google Chrome +3

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 120.0.6099.62 Description: The issue is related to insufficient data validation in the Updater component of Google Chrome, allowing a remote attacker to perform OS-level privilege escalation via a malicious fil...

Tesla 安全漏洞

Tesla is an electric vehicle from the American company Tesla. A security vulnerability exists in Tesla Model 3 that stems from the iceupdater component not properly validating user-supplied firmware...

CVE-2022-28944

Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network...

PT-2022-6271 · Emco · Unlock It +7

Name of the Vulnerable Software and Affected Versions: EMCO Software products, including MSI Package Builder for Windows version 9.1.4 Remote Installer for Windows version 6.0.13 Ping Monitor for Windows version 8.0.18 Remote Shutdown for Windows version 7.2.2 WakeOnLan version 2.0.8 Network...

Design/Logic Flaw

An insecure update feature in the /updater.php component of rConfig 3.9.6 and below allows attackers to execute arbitrary code via a crafted ZIP file...

CVE-2020-8500

In Artica Pandora FMS 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the Updater or Extension component. NOTE: The vendor reports that this is intended functionality...

Code injection

In Artica Pandora FMS 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the Updater or Extension component. NOTE: The vendor reports that this is intended functionality...

CVE-2020-8500

In Artica Pandora FMS 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the Updater or Extension component. NOTE: The vendor reports that this is intended functionality...

PT-2020-20179 · Artica · Artica Pandora Fms

Name of the Vulnerable Software and Affected Versions: Artica Pandora FMS version 7.42 Description: The issue allows Web Admin users to execute arbitrary code by uploading a .php file via the Updater or Extension component. However, the vendor reports that this functionality is intended...

The vulnerability of the Firefox browser, which allows a hacker to modify arbitrary files

The vulnerability of the Firefox browser’s Updater component is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to modify arbitrary files by manipulating application path parameters and hard links...