55 matches found
EUVD-2026-13661
Greenshot is an open source Windows screenshot utility. Versions 1.3.312 and below have untrusted executable search path / binary hijacking vulnerability that allows a local attacker to execute arbitrary code when the affected Windows application launches explorer.exe without using an absolute...
CVE-2022-33036
A binary hijack in Embarcadero Dev-CPP v6.3 allows attackers to execute arbitrary code via a crafted .exe file...
CVE-2022-33037
A binary hijack in Orwell-Dev-Cpp v5.11 allows attackers to execute arbitrary code via a crafted .exe file...
CVE-2022-27963
Xftp 7.0.0088p and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...
CVE-2022-27964
Xmanager v7.0.0096 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...
EUVD-2022-32449
Malicious code in bioql PyPI...
EUVD-2022-36094
Malicious code in bioql PyPI...
EUVD-2022-32450
Malicious code in bioql PyPI...
EUVD-2022-32451
Malicious code in bioql PyPI...
EUVD-2022-32452
Malicious code in bioql PyPI...
EUVD-2022-36093
Malicious code in bioql PyPI...
CVE-2022-27965
Xlpd v7.0.0094 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...
CVE-2022-27966
Xshell v7.0.0099 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...
GitHub: CVE-2024-29187 WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEM
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally...
WiX based installers are vulnerable to binary hijack when run as SYSTEM
Summary Burn uses an unprotected C:\Windows\Temp directory to copy binaries and run them from there. This directory is not entirely protected against low privilege users. Details When a bundle runs as SYSTEM user, Burn uses GetTempPathW which points to an insecure directory C:\Windows\Temp to dro...
GHSA-RF39-3F98-XR7R WiX based installers are vulnerable to binary hijack when run as SYSTEM
Summary Burn uses an unprotected C:\Windows\Temp directory to copy binaries and run them from there. This directory is not entirely protected against low privilege users. Details When a bundle runs as SYSTEM user, Burn uses GetTempPathW which points to an insecure directory C:\Windows\Temp to dro...
GHSA-G4V6-69P6-Q3P4 WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEM
Summary Burn uses an unprotected C:\Windows\Temp directory to copy binaries and run them from there. This directory is not entirely protected against low privilege users. Details When a bundle runs as SYSTEM user, Burn uses GetTempPathW which points to an insecure directory C:\Windows\Temp to dro...
Untrusted Search Path
Overview Affected versions of this package are vulnerable to Untrusted Search Path due to the use of an unprotected C:\Windows\Temp directory to copy and execute binaries. When executed as SYSTEM user, the process uses GetTempPathW which points to this insecure directory, allowing standard users ...
WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEM
Summary Burn uses an unprotected C:\Windows\Temp directory to copy binaries and run them from there. This directory is not entirely protected against low privilege users. Details When a bundle runs as SYSTEM user, Burn uses GetTempPathW which points to an insecure directory C:\Windows\Temp to dro...
GHSA-WQ88-FQ4X-H2PM WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEM
Summary Burn uses an unprotected C:\Windows\Temp directory to copy binaries and run them from there. This directory is not entirely protected against low privilege users. Details When a bundle runs as SYSTEM user, Burn uses GetTempPathW which points to an insecure directory C:\Windows\Temp to dro...