5012 matches found
CVE-2025-63680
Nero BackItUp (Nero Productline) is affected by a path parsing/UI rendering flaw (CWE-22) that, in conjunction with Windows ShellExecuteW fallback extension resolution, enables arbitrary code execution when a user clicks a crafted entry. The mechanism: create a trailing-dot folder and place a scr...
CVE-2025-11567
CWE-276: Incorrect Default Permissions vulnerability exists that could cause elevated system access when the target installation folder is not properly secured...
EUVD-2025-131908
CWE-276: Incorrect Default Permissions vulnerability exists that could cause elevated system access when the target installation folder is not properly secured...
CVE-2025-11567
CWE-276: Incorrect Default Permissions vulnerability exists that could cause elevated system access when the target installation folder is not properly secured...
CVE-2025-11567
CWE-276: Incorrect Default Permissions vulnerability exists that could cause elevated system access when the target installation folder is not properly secured...
CVE-2025-11567
CWE-276: Incorrect Default Permissions vulnerability exists that could cause elevated system access when the target installation folder is not properly secured...
CVE-2025-11567
CVE-2025-11567 affects Schneider Electric PowerChute Serial Shutdown. The connected Nessus entry states an elevation of privilege vulnerability due to improper access control in Azure Monitor Agent, exploitable by a locally authenticated attacker on affected systems running PowerChute Serial Shut...
CVE-2025-7430
Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Folder Message Count and Size report...
Schneider Electric PowerChute Serial Shutdown 安全漏洞
Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown, and energy management software from Schneider Electric France. A security vulnerability exists in Schneider Electric PowerChute Serial Shutdown that stems from improperly set default permissions, which could resul...
PT-2025-46659
Name of the Vulnerable Software and Affected Versions affected versions not specified Description An issue exists related to incorrect default permissions that may lead to elevated system access. This occurs when the target installation folder is not adequately secured. Approximately 1000 devices...
CVE-2025-56503
An issue in Sublime HQ Pty Ltd Sublime Text 4 4200 allows authenticated attackers with low-level privileges to escalate privileges to Administrator via replacing the uninstall file with a crafted binary in the installation folder. NOTE: this is disputed by the Supplier because replacing the...
EUVD-2025-84366
Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Folder Message Count and Size report...
CVE-2025-7430
Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Folder Message Count and Size report...
CVE-2025-7430
Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Folder Message Count and Size report...
CVE-2025-7430 Stored XSS
Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Folder Message Count and Size report...
CVE-2025-7430 Stored XSS
Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Folder Message Count and Size report...
CVE-2025-7430
Summary: CVE-2025-7430 affects Zohocorp ManageEngine Exchange Reporter Plus. The vulnerability is a Stored XSS in the Folder Message Count and Size report . Affected versions are 5723 and below . The root cause is not explicitly broken out in all sources, but descriptions consistently indicate th...
EUVD-2025-74033
An improper access restriction to a folder in Bitdefender Endpoint Security Tools for Mac BEST before 7.20.52.200087 allows local users with administrative privileges to bypass the configured uninstall password protection. An unauthorized user with sudo privileges can manually remove the...
ZOHO ManageEngine Exchange reporter Plus 安全漏洞
ZOHO ManageEngine Exchange reporter Plus is a Web-based Microsoft Exchange reporting, auditing and monitoring software from ZOHO. A cross-site scripting vulnerability exists in Zoho ManageEngine Exchange Reporter Plus, which can be exploited by an attacker to create privileged accounts and gain...
PT-2025-46318
Name of the Vulnerable Software and Affected Versions Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below Description The software contains a Stored Cross-Site Scripting XSS issue within the Folder Message Count and Size report. This allows for the injection of malicious scripts...