PT-2024-38205 · Panda Security · Panda Security Dome

Name of the Vulnerable Software and Affected Versions: Panda Security Dome affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system...

PT-2024-38192 · Avast · Avast Free Antivirus

Name of the Vulnerable Software and Affected Versions: Avast Free Antivirus affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations of Avast Free Antivirus. An attacker must first obtain the ability to execute low-privileged...

PT-2024-38197 · Avg · Avg Antivirus Free

Name of the Vulnerable Software and Affected Versions: AVG AntiVirus Free affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code...

PT-2024-38193 · Avast · Avast Free Antivirus

Name of the Vulnerable Software and Affected Versions: Avast Free Antivirus affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations of Avast Free Antivirus. An attacker must first obtain the ability to execute low-privileged...

CVE-2024-42052

The MSI installer for Splashtop Streamer for Windows before 3.5.8.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by placing a wevtutil.exe file in the folder...

CVE-2024-42053

The MSI installer for Splashtop Streamer for Windows before 3.6.0.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by placing a version.dll file in the folder...

CVE-2024-42050

The MSI installer for Splashtop Streamer for Windows before 3.7.0.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM via an oplock on CredProviderInst.reg...

CVE-2024-42050

The MSI installer for Splashtop Streamer for Windows before 3.7.0.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM via an oplock on CredProviderInst.reg...

PT-2024-29712 · Splashtop · Splashtop Streamer

Name of the Vulnerable Software and Affected Versions: Splashtop Streamer for Windows versions prior to 3.5.8.0 Description: The issue concerns the MSI installer for Splashtop Streamer for Windows, which uses a temporary folder with weak permissions during installation. A local user can exploit...

Splashtop Streamer 安全漏洞

Splashtop Streamer is a remote access and remote support software from Splashtop USA. A security vulnerability exists in Splashtop Streamer versions prior to 3.5.8.0, which stems from the MSI installer using a temporary folder with weak permissions during installation. An attacker could exploit t...

Splashtop Streamer 安全漏洞

Splashtop Streamer is a remote access and remote support software from Splashtop USA. A security vulnerability exists in Splashtop Streamer versions prior to 3.6.0.0 that originates from the MSI installer using a temporary folder with weak privileges during installation. An attacker could exploit...

CVE-2024-42053

The CVE concerns Splashtop Streamer for Windows prior to version 3.6.0.0. The MSI installer creates a temporary folder with weak permissions, allowing a local attacker to place a malicious version.dll and escalate to SYSTEM during installation. Affected component: MSI installer for Windows; root ...

CVE-2024-42050

The CVE-2024-42050 entry concerns Splashtop Streamer for Windows. The vulnerability stems from the MSI installer creating a temporary folder with weak permissions during installation, enabling a local user to escalate privileges to SYSTEM by triggering an oplock on CredProvider_Inst.reg. Affected...

CVE-2024-42051

The CVE-2024-42051 issue affects Splashtop Streamer for Windows before version 3.6.2.0. The MSI installer uses a temporary folder with weak permissions during installation, allowing a local user to escalate privileges to SYSTEM by replacing InstRegExp.reg. The vulnerability is a local privilege e...

Splashtop Streamer 安全漏洞

Splashtop Streamer is a remote access and remote support software from Splashtop USA. A security vulnerability exists in Splashtop Streamer prior to version 3.7.0.0, which originates from the MSI installer using a temporary folder with weak privileges during installation. An attacker could exploi...

CVE-2024-39902 Tuleap's recursive permissions to document manager folder are not properly applied

Tuleap is an open source suite to improve management of software developments and collaboration. Prior to Tuleap Community Edition 15.10.99.128 and Tuleap Enterprise Edition 15.10-6 and 15.9-8, the checkbox "Apply same permissions to all sub-items of this folder" in the document manager permissio...

CVE-2024-27311

Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to directory traversal vulnerability which allows the user to upload new files to the server folder...

CVE-2024-27311

Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to directory traversal vulnerability which allows the user to upload new files to the server folder...

CVE-2024-27311 Arbitrary file writing

Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to directory traversal vulnerability which allows the user to upload new files to the server folder...

CVE-2024-27311 Arbitrary file writing

Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to directory traversal vulnerability which allows the user to upload new files to the server folder...