15 matches found
CVE-2025-34290
Versa SASE Client for Windows versions released between 7.8.7 and 7.9.4 contain a local privilege escalation vulnerability in the audit log export functionality. The client communicates user-controlled file paths to a privileged service, which performs file system operations without impersonating...
EUVD-2025-204643
Versa SASE Client for Windows versions released between 7.8.7 and 7.9.4 contain a local privilege escalation vulnerability in the audit log export functionality. The client communicates user-controlled file paths to a privileged service, which performs file system operations without impersonating...
CVE-2025-34290
Versa SASE Client for Windows versions released between 7.8.7 and 7.9.4 contain a local privilege escalation vulnerability in the audit log export functionality. The client communicates user-controlled file paths to a privileged service, which performs file system operations without impersonating...
CVE-2025-34290
Versa SASE Client for Windows versions 7.8.7–7.9.4 contain a local privilege escalation in the audit log export feature. The client passes user-controlled file paths to a privileged service, which performs file-system operations without impersonating the requesting user. A TOCTOU race condition c...
CVE-2025-34290 Versa SASE Client for Windows < 7.9.5 Arbitrary Folder Deletion Leading to Local Privilege Escalation
Versa SASE Client for Windows versions released between 7.8.7 and 7.9.4 contain a local privilege escalation vulnerability in the audit log export functionality. The client communicates user-controlled file paths to a privileged service, which performs file system operations without impersonating...
CVE-2025-34290 Versa SASE Client for Windows < 7.9.5 Arbitrary Folder Deletion Leading to Local Privilege Escalation
Versa SASE Client for Windows versions released between 7.8.7 and 7.9.4 contain a local privilege escalation vulnerability in the audit log export functionality. The client communicates user-controlled file paths to a privileged service, which performs file system operations without impersonating...
Versa SASE Client for Windows 安全漏洞
Versa SASE Client for Windows is a secure networking client from Versa USA. A security vulnerability exists in Versa SASE Client for Windows versions 7.8.7 through 7.9.4, which stems from a local elevation of privilege vulnerability in the Audit Log Export feature that could lead to arbitrary...
PT-2025-52564
Name of the Vulnerable Software and Affected Versions Versa SASE Client for Windows versions 7.8.7 through 7.9.4 Description The software contains a local privilege escalation issue in the audit log export functionality. The client sends user-controlled file paths to a privileged service, which...
CVE-2018-19855
UiPath Orchestrator before 2018.3.4 allows CSV Injection, related to the Audit export, Robot log export, and Transaction log export features...
Design/Logic Flaw
The tested version of Dominion Voting Systems ImageCast X’s on-screen application hash display feature, audit log export, and application export functionality rely on self-attestation mechanisms. An attacker could leverage this vulnerability to disguise malicious applications on a device...
CVE-2022-1740 2.2.2 MUTABLE ATTESTATION OR MEASUREMENT REPORTING DATA CWE-1283
The tested version of Dominion Voting Systems ImageCast X’s on-screen application hash display feature, audit log export, and application export functionality rely on self-attestation mechanisms. An attacker could leverage this vulnerability to disguise malicious applications on a device...
PT-2022-3368
Name of the Vulnerable Software and Affected Versions Dominion Voting Systems ImageCast X affected versions not specified Description The issue concerns the on-screen application hash display feature, audit log export, and application export functionality of Dominion Voting Systems ImageCast X,...
CVE-2021-1475 Cisco Umbrella Link and CSV Formula Injection Vulnerabilities
Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote attacker to perform formula and link injection attacks on an affected device. For more information about these vulnerabilities, see the Details secti...
Cisco Umbrella CSV Formula Injection Vulnerability
Cisco Umbrella is a cloud security platform that provides a first line of defense against Internet threats. A CSV formula injection vulnerability exists in Cisco Umbrella's "Administrator Audit Log Export" feature. The vulnerability stems from improper neutralization of formula elements in CSV...
Cisco Umbrella 注入漏洞
Cisco Umbrella is a cloud security platform that provides a first line of defense against Internet threats. A CSV formula injection vulnerability exists in Cisco Umbrella's "Administrator Audit Log Export" feature. The vulnerability stems from improper neutralization of formula elements in CSV...