CVE-2025-69600

CVE-2025-69600 affects RayVentory Raynet RVIA 12.6.4392.49-amd64.deb. Root cause is Argument Injection in an improperly terminated find command used to locate Java, enabling local attackers to execute arbitrary code via commands injected through getconfig, upload, or oracle options (and inventory...

CVE-2025-64994

A privilege escalation vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Nomad-SetWorkRate instruction prior V17.1. The improper handling of executable search paths could allow local attackers with write access to a PATH directory on a device to escalate...

TeamViewer DEX Client 安全漏洞

TeamViewer DEX Client is a digital employee experience and endpoint management software from TeamViewer Germany. A security vulnerability exists in TeamViewer DEX Client versions prior to V17.1 that stems from improper handling of executable search paths, which could lead to elevation of privileg...

CVE-2025-46334

Git GUI allows you to use the Git source control management tools via a GUI. A malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. Due to the unfortunate design of Tcl on Windows, the search path when looking for an executable always includes...

CVE-2025-49144

Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social...

CVE-2025-49144

Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social...

CVE-2025-49144 Notepad++ Privilege Escalation in Installer via Uncontrolled Executable Search Path

Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social...

CVE-2025-49144 Notepad++ Privilege Escalation in Installer via Uncontrolled Executable Search Path

Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social...

CVE-2025-49144

CVE-2025-49144 affects Notepad++ installers prior to 8.8.2 (notably v8.8.1). Root cause: insecure executable search paths allow a local attacker to execute a malicious binary (e.g., regsvr32.exe) placed in the same directory as the installer (commonly Downloads), yielding SYSTEM-level privileges ...

Cisco Crosswork Network Services Orchestrator 安全漏洞

Cisco Crosswork Network Services Orchestrator is a network services orchestrator from Cisco USA. A security vulnerability exists in Cisco Crosswork Network Services Orchestrator that originates from the use of a user-controlled search path to locate executables, allowing an authenticated, local...

Git 代码问题漏洞

Git is a free, open source distributed version control system. A code issue vulnerability exists in the Git GUI, which stems from the dangerous design of Tcl scripts on Windows, causing the search path when looking for executables to always include the current directory...

JetBrains IntelliJ IDEA 代码问题漏洞

JetBrains IntelliJ IDEA is a set of integrated development environments for the Java language from the Czech company JetBrains. A security vulnerability exists in JetBrains IntelliJ IDEA versions prior to 2022.2.2, which stems from the vulnerability of the installer to an EXE search command...

TeamViewer Detection (Linux/Unix SSH Login)

Detects the installed version of TeamViewer. The script logs in via SSH, searches for the executable SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

VLC Player 2.0.4 <= Arbitrary Code Execution

Exploit for windows platform in category local exploits VLC Player 2.0.4 = Arbitrary Code Execution !/usr/bin/perl VLC Player 2.0.4 = ReadAV Arbitrary Code Execution Vendor URI: http://www.videolan.org/vlc/ Vendor Description: VLC is a free and open source cross-platform multimedia player and...

GOM Media Player 2.1.37 Buffer Overflow

Introduction: ============= GOM Player Gretech Online Movie Player is a 32/64-bit media player for Microsoft Windows, distributed by the Gretech Corporation of South Korea. It is the primary client player for South Korean GOM-TV, and is more popular in South Korea than any other media player. Key...

real-dos.txt

!/usr/bin/python Real player 10 Gold .Ra file remote Dos. Credits to n00b for finding this bug This bug is a nasty memory leak with in Real player 10 gold please remember if your guna test it out save all your info you need first..Coz your probly guna have to reboot also remember all other...