13 matches found
CVE-2026-32680
The issue concerns RATOC RAID Monitoring Manager for Windows. If users customize the installer’s target folder, that folder may retain insecure ACLs, allowing non-administrative users to alter its contents. This can enable a non-administrative user to execute arbitrary code with SYSTEM privileges...
CVE-2021-26556
When Octopus Server is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access...
CVE-2021-26557
When Octopus Tentacle is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access...
CVE-2021-26556
When Octopus Server is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access...
CVE-2021-26557
When Octopus Tentacle is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access...
Design/Logic Flaw
When Octopus Server is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access...
Design/Logic Flaw
When Octopus Tentacle is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access...
CVE-2021-26557
CVE-2021-26557 affects Octopus Tentacle when installed to a custom folder where folder ACLs are not set correctly. This misconfiguration can allow an unprivileged user to use DLL side-loading to gain privileged access, resulting in a local privilege escalation. The NVD data cites local attack vec...
CVE-2021-26556
When Octopus Server is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access...
CVE-2021-26556
CVE-2021-26556 affects Octopus Server when installed in a custom folder location. The root cause is improper ACL configuration on the installation folder, enabling a DLL side-loading path for an unprivileged user to escalate to privileged access. The connected sources confirm the presence of a lo...
Octopus Tentacle 代码问题漏洞
Octopus Server is an automated deployment platform. Octopus Tentacle has a security vulnerability that could result in unprivileged users gaining privileged access when Octopus Tentacle is installed using a custom folder location...
Octopus Server 代码问题漏洞
Octopus Server is an automated deployment platform. Octopus Server has a security vulnerability that could result in non-privileged users gaining privileged access when Octopus Server is installed using a custom folder location...
CVE-2019-14794
The Meta Box plugin before 4.16.2 for WordPress mishandles the uploading of files to custom folders...