37 matches found
EUVD-2018-17500
Malware in sbrugna...
EUVD-2022-39127
Malicious code in bioql PyPI...
CVE-2025-34194
Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 25.1.102 and Application versions prior to 25.1.1413 Windows client deployments contain an insecure temporary-file handling vulnerability in the PrinterInstallerClient components. The software creates files as NT...
CVE-2023-37243
The C:\Windows\Temp\Agent.Package.Availability\Agent.Package.Availability.exe file is automatically launched as SYSTEM when the system reboots. Since the C:\Windows\Temp\Agent.Package.Availability folder inherits permissions from C:\Windows\Temp and Agent.Package.Availability.exe is susceptible t...
PT-2025-16929
Name of the Vulnerable Software and Affected Versions Nullsoft Scriptable Install System NSIS versions prior to 3.11 Description The issue allows local users to escalate privileges to SYSTEM during an installation. This occurs because the temporary plugins directory is created under %WINDIR%temp...
GHSA-RF39-3F98-XR7R WiX based installers are vulnerable to binary hijack when run as SYSTEM
Summary Burn uses an unprotected C:\Windows\Temp directory to copy binaries and run them from there. This directory is not entirely protected against low privilege users. Details When a bundle runs as SYSTEM user, Burn uses GetTempPathW which points to an insecure directory C:\Windows\Temp to dro...
WiX based installers are vulnerable to binary hijack when run as SYSTEM
Summary Burn uses an unprotected C:\Windows\Temp directory to copy binaries and run them from there. This directory is not entirely protected against low privilege users. Details When a bundle runs as SYSTEM user, Burn uses GetTempPathW which points to an insecure directory C:\Windows\Temp to dro...
Untrusted Search Path
Overview Affected versions of this package are vulnerable to Untrusted Search Path due to the use of an unprotected C:\Windows\Temp directory to copy and execute binaries. When executed as SYSTEM user, the process uses GetTempPathW which points to this insecure directory, allowing standard users ...
GHSA-G4V6-69P6-Q3P4 WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEM
Summary Burn uses an unprotected C:\Windows\Temp directory to copy binaries and run them from there. This directory is not entirely protected against low privilege users. Details When a bundle runs as SYSTEM user, Burn uses GetTempPathW which points to an insecure directory C:\Windows\Temp to dro...
WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEM
Summary Burn uses an unprotected C:\Windows\Temp directory to copy binaries and run them from there. This directory is not entirely protected against low privilege users. Details When a bundle runs as SYSTEM user, Burn uses GetTempPathW which points to an insecure directory C:\Windows\Temp to dro...
GHSA-WQ88-FQ4X-H2PM WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEM
Summary Burn uses an unprotected C:\Windows\Temp directory to copy binaries and run them from there. This directory is not entirely protected against low privilege users. Details When a bundle runs as SYSTEM user, Burn uses GetTempPathW which points to an insecure directory C:\Windows\Temp to dro...
WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEM
Summary Burn uses an unprotected C:\Windows\Temp directory to copy binaries and run them from there. This directory is not entirely protected against low privilege users. Details When a bundle runs as SYSTEM user, Burn uses GetTempPathW which points to an insecure directory C:\Windows\Temp to dro...
Untrusted Search Path
Overview Affected versions of this package are vulnerable to Untrusted Search Path due to the use of an unprotected C:\Windows\Temp directory to copy and execute binaries. When a bundle runs as the SYSTEM user, it uses GetTempPathW which points to this insecure directory to drop and load multiple...
PT-2024-40505 · Burn · Burn
Name of the Vulnerable Software and Affected Versions: Burn versions affected versions not specified Description: The issue concerns the use of an unprotected directory, C:WindowsTemp, by Burn to copy and run binaries. This directory is accessible to low-privilege users, who can hijack binaries...
PT-2024-4138
Name of the Vulnerable Software and Affected Versions: WiX Toolset versions prior to 3.14.1 WiX Toolset versions prior to 4.0.5 Description: The WiX toolset has a vulnerability related to the use of the GetTempPathW function, which points to an insecure directory C:WindowsTemp to drop and load...
PT-2024-12288 · Splashtop · Splashtop Streamer +1
Name of the Vulnerable Software and Affected Versions: Splashtop Software Updater affected versions not specified Description: The issue concerns the creation of a folder at C:WindowsTempnsu.tmp by the C:Program Files x86SplashtopSplashtop Software Updateruninst.exe process, which copies itself t...
PT-2023-25852 · Atera · Atera
Name of the Vulnerable Software and Affected Versions: Atera affected versions not specified Description: The issue arises from the C:WindowsTempAgent.Package.AvailabilityAgent.Package.Availability.exe file being automatically launched as SYSTEM when the system reboots. Since the...
CVE-2023-32231
An issue was discovered in Vasion PrinterLogic Client for Windows before 25.0.0.818. During installation, binaries gets executed out of a subfolder in C:\Windows\Temp. A standard user can create the folder and path file ahead of time and obtain elevated code execution...
Path traversal
An issue was discovered in Vasion PrinterLogic Client for Windows before 25.0.0.818. During installation, binaries gets executed out of a subfolder in C:\Windows\Temp. A standard user can create the folder and path file ahead of time and obtain elevated code execution...
Vasion PrinterLogic Client 安全漏洞
Vasion PrinterLogic Client is a print management solution from Vasion. A security vulnerability exists in Vasion PrinterLogic Client Windows versions prior to 25.0.0.818, which stems from a binary file that can be executed from a subfolder in C:WindowsTemp during installation...