14 matches found
Astra Linux - уязвимость в git
Git for Windows is a fork of Git that contains Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. These untrusted parties could create the folder C:.git, which would be included in Git...
Linux Distros Unpatched Vulnerability : CVE-2026-3087
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If shutil.unpackarchive is given a ZIP archive with an absolute Windows path containing a drive C:... then the archive will be extracted outside the target...
EUVD-2026-25922
If shutil.unpackarchive is given a ZIP archive with an absolute Windows path containing a drive C:\... then the archive will be extracted outside the target directory which is different than other operating systems. Only Windows is affected by this vulnerability...
CVE-2026-3087
If shutil.unpackarchive is given a ZIP archive with an absolute Windows path containing a drive C:\... then the archive will be extracted outside the target directory which is different than other operating systems. Only Windows is affected by this vulnerability...
EUVD-2026-3643
MacPaw Encrypto 1.0.1 contains an unquoted service path vulnerability in its Encrypto Service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files\Encrypto\ to inject malicious executables and escalate...
PT-2024-23845 · Unknown · Thermoscanip Scrutation
Name of the Vulnerable Software and Affected Versions: ThermoscanIP Scrutation affected versions not specified Description: A misconfiguration known as "CWE-428: Unquoted Search Path or Element" affects the ThermoscanIP Scrutation service. This issue could be exploited in scenarios where incorrec...
DEBIAN-CVE-2023-25815
In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer. As a consequence, Git is expected not to localize messages at all, and skips the gettext initialization. However, due to a change in MINGW-packages, the gettext function's implicit initialization no...
CVE-2022-45304
Insecure permissions in Chocolatey Cmder package v1.3.20 and below grants all users in the Authenticated Users group write privileges for the path C:\tools\Cmder and all files located in that folder...
Python 安全漏洞
Python is an open source object-oriented programming language. A privilege design vulnerability exists in the Chocolatey Python3 package v3.11.0 and earlier versions, which originates from all users in the Authenticated users group having write access to the subfolder C:\Python311 and all files i...
MSYS2 安全漏洞
MSYS2 is MSYS2 open source set of tools and libraries. It provides an easy-to-use environment for building, installing and running native Windows software. A security vulnerability exists in MSYS2 version v20220603 and earlier versions that originates from incorrect access control in the...
ALPINE-CVE-2022-24765
Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder C:.git, which would be picked up by Git operation...
UBUNTU-CVE-2022-24765
Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder C:.git, which would be picked up by Git operation...
CVE-2020-12510
The default installation path of the TwinCAT XAR 3.1 software in all versions is underneath C:\TwinCAT. If the directory does not exist it and further subdirectories are created with permissions which allow every local user to modify the content. The default installation registers TcSysUI.exe for...
Multiple ZOHO Products License Issue Vulnerabilities
ZOHO ManageEngine Desktop Central DC and so on are the products of the United States ZhuoHao ZOHO company.ManageEngine Desktop Central is a set of desktop management solutions.ZOHO ManageEngine ServiceDesk Plus is a set of ITIL architecture based on IT service management software ITSM.ZOHO...