5034 matches found
CVE-2025-63680
Nero BackItUp in the Nero Productline is vulnerable to a path parsing/UI rendering flaw CWE-22 that, in combination with Windows ShellExecuteW fallback extension resolution, leads to arbitrary code execution when a user clicks a crafted entry. By creating a trailing-dot folder and placing a...
CVE-2025-63680
Nero BackItUp in the Nero Productline is vulnerable to a path parsing/UI rendering flaw CWE-22 that, in combination with Windows ShellExecuteW fallback extension resolution, leads to arbitrary code execution when a user clicks a crafted entry. By creating a trailing-dot folder and placing a...
CVE-2025-63680
Nero BackItUp (Nero Productline) is affected by a path parsing/UI rendering flaw (CWE-22) that, in conjunction with Windows ShellExecuteW fallback extension resolution, enables arbitrary code execution when a user clicks a crafted entry. The mechanism: create a trailing-dot folder and place a scr...
CVE-2025-11567
CWE-276: Incorrect Default Permissions vulnerability exists that could cause elevated system access when the target installation folder is not properly secured...
EUVD-2025-131908
CWE-276: Incorrect Default Permissions vulnerability exists that could cause elevated system access when the target installation folder is not properly secured...
CVE-2025-11567
CWE-276: Incorrect Default Permissions vulnerability exists that could cause elevated system access when the target installation folder is not properly secured...
CVE-2025-11567
CWE-276: Incorrect Default Permissions vulnerability exists that could cause elevated system access when the target installation folder is not properly secured...
CVE-2025-11567
CWE-276: Incorrect Default Permissions vulnerability exists that could cause elevated system access when the target installation folder is not properly secured...
CVE-2025-11567
CVE-2025-11567 affects Schneider Electric PowerChute Serial Shutdown. The connected Nessus entry states an elevation of privilege vulnerability due to improper access control in Azure Monitor Agent, exploitable by a locally authenticated attacker on affected systems running PowerChute Serial Shut...
CVE-2025-7430
Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Folder Message Count and Size report...
PT-2025-46659
Name of the Vulnerable Software and Affected Versions affected versions not specified Description An issue exists related to incorrect default permissions that may lead to elevated system access. This occurs when the target installation folder is not adequately secured. Approximately 1000 devices...
Schneider Electric PowerChute Serial Shutdown 安全漏洞
Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown, and energy management software from Schneider Electric France. A security vulnerability exists in Schneider Electric PowerChute Serial Shutdown that stems from improperly set default permissions, which could resul...
CVE-2025-56503
An issue in Sublime HQ Pty Ltd Sublime Text 4 4200 allows authenticated attackers with low-level privileges to escalate privileges to Administrator via replacing the uninstall file with a crafted binary in the installation folder. NOTE: this is disputed by the Supplier because replacing the...
EUVD-2025-84366
Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Folder Message Count and Size report...
CVE-2025-7430
Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Folder Message Count and Size report...
CVE-2025-7430
Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Folder Message Count and Size report...
CVE-2025-7430 Stored XSS
Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Folder Message Count and Size report...
CVE-2025-7430 Stored XSS
Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Folder Message Count and Size report...
CVE-2025-7430
Summary: CVE-2025-7430 affects Zohocorp ManageEngine Exchange Reporter Plus. The vulnerability is a Stored XSS in the Folder Message Count and Size report . Affected versions are 5723 and below . The root cause is not explicitly broken out in all sources, but descriptions consistently indicate th...
EUVD-2025-74033
An improper access restriction to a folder in Bitdefender Endpoint Security Tools for Mac BEST before 7.20.52.200087 allows local users with administrative privileges to bypass the configured uninstall password protection. An unauthorized user with sudo privileges can manually remove the...