Lucene search
K

1226 matches found

CVE
CVE
added 2026/01/21 7:19 a.m.34 views

CVE-2026-24016

CVE-2026-24016 affects ServerView Agents for Windows from Fsas Technologies; the installer may insecurely load DLLs via an uncontrolled search path (CWE-427), allowing arbitrary code with administrator privileges when the installer runs. Affected product details: ServerView Agents for Windows (in...

8.4CVSS5.5AI score0.00143EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/21 7:19 a.m.6 views

CVE-2026-24016

The installer of ServerView Agents for Windows provided by Fsas Technologies Inc. may insecurely load Dynamic Link Libraries. Arbitrary code may be executed with the administrator privilege when the installer is executed...

8.4CVSS5.5AI score0.00143EPSS
Exploits0References3Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/01/21 6:17 a.m.7 views

Installer of Fujitsu ServerView Agents for Windows may insecurely load Dynamic Link Libraries

Overview The installer of ServerView Agents for Windows provided by Fsas Technologies Inc. contains the following vulnerability. Uncontrolled search path element CWE-427 - CVE-2026-24016 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated...

8.4CVSS5.7AI score0.00143EPSS
Exploits0References6
Talos
Talos
added 2026/01/15 12:0 a.m.11 views

Epic Games Store Installation DLL Hijacking Privilege Escalation Vulnerability

Talos Vulnerability Report TALOS-2025-2279 Epic Games Store Installation DLL Hijacking Privilege Escalation Vulnerability January 15, 2026 CVE Number CVE-2025-61973 SUMMARY A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A...

8.8CVSS5.6AI score0.00143EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/14 6:22 p.m.3 views

CVE-2026-20816

Time-of-check time-of-use toctou race condition in Windows Installer allows an authorized attacker to elevate privileges locally...

7.8CVSS6.8AI score0.02392EPSS
Exploits0References1
OSV
OSV
added 2026/01/13 6:16 p.m.0 views

CVE-2026-20816

Time-of-check time-of-use toctou race condition in Windows Installer allows an authorized attacker to elevate privileges locally...

7CVSS5.7AI score0.02392EPSS
Exploits0References1
NVD
NVD
added 2026/01/13 6:16 p.m.2 views

CVE-2026-20816

Time-of-check time-of-use toctou race condition in Windows Installer allows an authorized attacker to elevate privileges locally...

7.8CVSS0.02392EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/13 5:56 p.m.3 views

CVE-2026-20816 Windows Installer Elevation of Privilege Vulnerability

...

7.8CVSS6.6AI score0.02392EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/13 5:56 p.m.20 views

CVE-2026-20816 Windows Installer Elevation of Privilege Vulnerability

...

7.8CVSS0.02392EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/13 5:56 p.m.2 views

CVE-2026-20816

Time-of-check time-of-use toctou race condition in Windows Installer allows an authorized attacker to elevate privileges locally...

7.8CVSS5.5AI score0.02392EPSS
Exploits0References2Affected Software24
CVE
CVE
added 2026/01/13 5:56 p.m.30 views

CVE-2026-20816

CVE-2026-20816 is a Windows Installer time-of-check/time-of-use (TOCTOU) race condition that can allow a local user with low privileges to escalate to higher privileges. The connected Nessus entries flag this as affecting Windows Installer and describe the vulnerability as a local privilege escal...

7.8CVSS6.4AI score0.02392EPSS
Exploits0References1Affected Software14
Microsoft KB
Microsoft KB
added 2026/01/13 4:0 p.m.19 views

End of support for Office 2016 and Office 2019

None None...

7.8CVSS5.2AI score0.00526EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/01/13 4:0 p.m.3 views

Windows Installer Elevation of Privilege Vulnerability

Time-of-check time-of-use toctou race condition in Windows Installer allows an authorized attacker to elevate privileges locally...

7.8CVSS6.9AI score0.02392EPSS
Exploits0
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.8 views

Microsoft Windows Installer 安全漏洞

Microsoft Windows Installer is a component of the Windows operating system from Microsoft. It provides a standard basis for installing and uninstalling software. A security vulnerability exists in Microsoft Windows Installer. An attacker could exploit the vulnerability to elevate privileges. The...

7.8CVSS5.8AI score0.02392EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.3 views

PT-2026-2666

Name of the Vulnerable Software and Affected Versions Windows Installer affected versions not specified Description A time-of-check time-of-use TOCTOU race condition exists in Windows Installer. This condition can be exploited by an authorized attacker to gain elevated privileges locally. The iss...

7.8CVSS6.3AI score0.02392EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/01/09 10:9 a.m.10 views

CVE-2019-11121

Improper file permissions in the installer for the IntelR Media SDK for Windows before version 2019 R1 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS7.2AI score0.00278EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:58 a.m.13 views

CVE-2020-7906

In JetBrains Rider versions 2019.3 EAP2 through 2019.3 EAP7, there were unsigned binaries provided by the Windows installer. This issue was fixed in release version 2019.3...

7.5CVSS6.9AI score0.00673EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:57 a.m.7 views

CVE-2020-12354

Incorrect default permissions in WindowsR installer in IntelR AMT SDK versions before 14.0.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS7AI score0.00332EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:51 a.m.6 views

CVE-2020-10733

The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided executables that do not have fully-qualified paths. Executables in the directory where the installer loads or the current working directory take precedence over the intended executables. An attacker having permission to add fil...

7.3CVSS7.6AI score0.0053EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:47 a.m.5 views

CVE-2025-23358

NVIDIA NVApp for Windows contains a vulnerability in the installer, where a local attacker can cause a search path element issue. A successful exploit of this vulnerability might lead to code execution and escalation of privileges...

8.2CVSS7.4AI score0.00232EPSS
Exploits0References1
Rows per page
Query Builder