Malicious code in client-desktop-web-installer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b5f6fa310c473bfa46f7607fbf1ec6746381d722da1ef24697b1f0b180c7fd2 The package client-desktop-web-installer was found to contain malicious code...

MAL-2026-629 Malicious code in client-desktop-web-installer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b5f6fa310c473bfa46f7607fbf1ec6746381d722da1ef24697b1f0b180c7fd2 The package client-desktop-web-installer was found to contain malicious code...

CVE-2024-0770

A vulnerability, which was classified as critical, was found in European Chemicals Agency IUCLID 7.10.3 on Windows. Affected is an unknown function of the file iuclid6.exe of the component Desktop Installer. The manipulation leads to incorrect default permissions. The attack needs to be approache...

Zoom Workplace Security Vulnerability

Zoom Workplace is a desktop application from Zoom USA. A security vulnerability exists in Zoom Workplace that stems from an uncontrolled search path element in the desktop application installer that could allow an authenticated user to perform a denial of service via local access...

CVE-2024-0770

A vulnerability, which was classified as critical, was found in European Chemicals Agency IUCLID 7.10.3 on Windows. Affected is an unknown function of the file iuclid6.exe of the component Desktop Installer. The manipulation leads to incorrect default permissions. The attack needs to be approache...

Design/Logic Flaw

A vulnerability, which was classified as critical, was found in European Chemicals Agency IUCLID 7.10.3 on Windows. Affected is an unknown function of the file iuclid6.exe of the component Desktop Installer. The manipulation leads to incorrect default permissions. The attack needs to be approache...

CVE-2024-0770 European Chemicals Agency IUCLID Desktop Installer iuclid6.exe default permission

A vulnerability, which was classified as critical, was found in European Chemicals Agency IUCLID 7.10.3 on Windows. Affected is an unknown function of the file iuclid6.exe of the component Desktop Installer. The manipulation leads to incorrect default permissions. The attack needs to be approache...

CVE-2024-0770

CVE-2024-0770 affects European Chemicals Agency IUCLID on Windows, specifically the Desktop Installer component’s file iuclid6.exe . The vulnerability is described as an unknown function that allows manipulation leading to incorrect default permissions, with local access required to exploit. Docu...

CVE-2024-0770 European Chemicals Agency IUCLID Desktop Installer iuclid6.exe default permission

A vulnerability, which was classified as critical, was found in European Chemicals Agency IUCLID 7.10.3 on Windows. Affected is an unknown function of the file iuclid6.exe of the component Desktop Installer. The manipulation leads to incorrect default permissions. The attack needs to be approache...

PT-2024-15806 · European Chemicals Agency · Iuclid

Name of the Vulnerable Software and Affected Versions: European Chemicals Agency IUCLID version 7.10.3 Description: A critical vulnerability was found in the European Chemicals Agency IUCLID, affecting an unknown function of the file iuclid6.exe of the component Desktop Installer. The manipulatio...

CVE-2022-3421

An attacker can pre-create the /Applications/Google\ Drive.app/Contents/MacOS directory which is expected to be owned by root to be owned by a non-root user. When the Drive for Desktop installer is run for the first time, it will place a binary in that directory with execute permissions and set i...

CVE-2022-3421

CVE-2022-3421 (Google Drive for Desktop on macOS) is a privilege-escalation vulnerability affecting versions prior to 64.0. An attacker can pre-create the directory /Applications/Google Drive.app/Contents/MacOS, which should be root-owned. On first install, the installer places a binary in that d...

CVE-2021-28633

Adobe Creative Cloud Desktop Application installer version 2.4 and earlier is affected by an Insecure temporary file creation vulnerability. An attacker could leverage this vulnerability to cause arbitrary file overwriting in the context of the current user. Exploitation of this issue requires...

Adobe Creative Cloud DLL Load Elevation of Privilege Vulnerability

Adobe Creative Cloud Desktop Application is a suite of applications for managing applications and services in the Creative Cloud Membership Management Center from Adobe USA. The program supports synchronizing and sharing files, managing fonts, and accessing asset libraries for commercial...

Yandex Browser installer for Desktop DLL Hijacking Vulnerability

Yandex Browser is a free Chromium-based web browser developed by Russian web search company Yandex that uses the Blink typography engine and runs on Windows, OS X, Android and iOS. A DLL hijacking vulnerability exists in the Yandex Browser installer for desktop versions prior to 17.4.1. The...

CVE-2017-7327

Yandex Browser installer for Desktop before 17.4.1 has a DLL Hijacking Vulnerability because an untrusted search path is used for dnsapi.dll, winmm.dll, ntmarta.dll, cryptbase.dll or profapi.dll...