28 matches found
CVE-2023-31068
An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILESX86%\TSplus\UserDesktop\themes...
EUVD-2000-1091
Malware in sbrugna...
EUVD-2007-0816
Malware in sbrugna...
EUVD-2006-1129
Malware in sbrugna...
EUVD-2023-35396
Malicious code in bioql PyPI...
EUVD-2023-35397
Malicious code in bioql PyPI...
CVE-2018-7484
An issue was discovered in PureVPN through 5.19.4.0 on Windows. The client installation grants the Everyone group Full Control permission to the installation directory. In addition, the PureVPNService.exe service, which runs under NT Authority\SYSTEM privileges, tries to load several dynamic-link...
CVE-2024-11969
The NetCloud Exchange client for Windows, version 1.110.50, contains an insecure file and folder permissions vulnerability. A normal non-admin user could exploit the weakness in file and folder permissions to escalate privileges, execute arbitrary code and maintain persistence on the compromised...
CVE-2023-50914
A Privilege Escalation issue in the inter-process communication procedure from GOG Galaxy Beta 2.0.67.2 through v2.0.71.2 allows authentictaed users to change the DACL of arbitrary system directories to include Everyone full control permissions by modifying the FixDirectoryPrivileges instruction...
CVE-2023-50914
CVE-2023-50914 is a local privilege escalation in GOG Galaxy (Beta) IPC between GalaxyClient.exe and GalaxyClientService.exe. From 2.0.67.2 through 2.0.71.2, an authenticated user can forge IPC packets via FixDirectoryPrivileges, altering the DACL of arbitrary system directories to grant Everyone...
Design/Logic Flaw
An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILESX86%\TSplus\Clients\www...
Design/Logic Flaw
An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILESX86%\TSplus\UserDesktop\themes...
CVE-2023-31068
An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILESX86%\TSplus\UserDesktop\themes...
CVE-2023-31068
An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILESX86%\TSplus\UserDesktop\themes...
PT-2023-23130 · Tsplus · Tsplus Remote Access
Name of the Vulnerable Software and Affected Versions: TSplus Remote Access versions through 16.0.2.14 Description: An issue was discovered in TSplus Remote Access where some directories under %PROGRAMFILESX86%TSplusClientswww have Full Control permissions for Everyone. Recommendations: For...
CVE-2023-31068
TSplus Remote Access up to 16.0.2.14 has overly permissive ACLs: Full Control for Everyone on directories under %PROGRAMFILES(X86)%\TSplus\UserDesktop\themes. CVSSv3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base 9.8). Root cause is insecure directory permissions; no remediation details are provide...
CVE-2023-31067
TSplus Remote Access (through 16.0.2.14) has a permission misconfiguration: there are Full Control permissions for Everyone on directories under %PROGRAMFILES(X86)%\TSplus\Clients\www. This could enable privilege escalation by a different local user. CVSS v3.1 base score 9.8 (Network, Privileges ...
SOYAL 701 Server 9.0.1 - Insecure Permissions Vulnerability
Exploit Title: SOYAL 701 Server 9.0.1 - Insecure Permissions Exploit Author: LiquidWorm Vendor Homepage: https://www.soyal.com.tw https://www.soyal.com Vendor: SOYAL Technology Co., Ltd Product web page: https://www.soyal.com.tw | https://www.soyal.com Affected version: 9.0.1 190322 8.0.6 181227...
CVE-2020-36154
The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has Full Control permissions for Everyone in the "%SYSTEMDRIVE%\Pearson VUE" directory, which allows local users to obtain administrative privileges via a Trojan horse application...
CVE-2020-36154
The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has Full Control permissions for Everyone in the "%SYSTEMDRIVE%\Pearson VUE" directory, which allows local users to obtain administrative privileges via a Trojan horse application...