12 matches found
Notepad++ < 8.8.2 Privilege Escalation (CVE-2025-49144)
The version of Notepad++ installed on the remote host is prior to 8.8.2. It is, therefore, affected by a privilege escalation vulnerability: - Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1...
Command Hijacking
symfony is vulnerable to Command Hijacking. The vulnerability is due to insecure handling of executable files in the current working directory by the Process class, allowing an attacker to execute arbitrary code by placing a malicious cmd.exe file in the directory...
CVE-2020-7381
In Rapid7 Nexpose installer versions prior to 6.6.40, the Nexpose installer calls an executable which can be placed in the appropriate directory by an attacker with access to the local machine. This would prevent the installer from distinguishing between a valid executable called during a Securit...
AppCheck may insecurely invoke an executable file
Overview AppCheck provided by JIRANSOFT JAPAN, INC. is an anti-ransomware software. AppCheck and its installer contains an issue with the search path for executable files, which may lead to insecurely invoke an executable file CWE-427. Takashi Yoshikawa of Mitsui Bussan Secure Directions, Inc...
VMware Workstation Player Multiple Code Execution Vulnerabilities (Feb 2017) - Windows
VMware Workstation Player is prone to multiple code execution vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Microsoft Windows Object Packager Insecure Executable Launching (MS12-002; CVE-2012-0009)
A remote code execution has ben reported in Microsoft Windows...
FFFTP may insecurely load executable files
Overview FFFTP may use unsafe methods for determining how to load executables .exe FFFTP loads certain executables when using certain functions. FFFTP contains an issue with the file search path, which may insecurely load executables. Makoto Shiotsuki reported this vulnerability to IPA. JPCERT/CC...
Opera may insecurely load executable files
Overview Opera may use unsafe methods for determining how to load executables .exe. Opera loads certain executables .exe when opening the folder where downloaded contents are stored. Opera contains an issue with the file search path, which may insecurely load executables. Makoto Shiotsuki reporte...
Apsaly may insecurely load executable files
Overview Apsaly may use unsafe methods for determining how to load executables .exe. Apsaly is a text editor that can interact with other applications. Apsaly loads certain executables when opening the folder that contains the file that is being edited, or when a particular sequence of actions ar...
Multiple Yokka provided products may insecurely load executable files
Overview Multiple products provided by Yokka may use unsafe methods for determining how to load executables .exe. Multiple products provided by Yokka such as text editors, contain an issue with the file search path, which may insecurely load executables. Makoto Shiotsuki reported this vulnerabili...
Archive Decoder may insecurely load executable files
Overview Archive Decoder may use unsafe methods for determining how to load executables .exe. Archive Decoder is a file extraction software that supports multiple file en extracting files. Archive Decoder contains an issue with the file search path, which may insecurely load executables. Makoto...
Lhasa may insecurely load executable files
Overview Lhasa may use unsafe methods for determining how to load executables .exe. Lhasa is a file extraction software that supports LZH and ZIP formats. Lhasa loads certain executables .exe when extracting files. Lhasa contains an issue with the file search path, which may insecurely load...