14 matches found
CVE-2025-12100
CVE-2025-12100 affects MongoDB BI Connector ODBC driver versions 1.0.0–1.4.6, due to an incorrectly set default privilege that enables local privilege escalation. The issue is documented across multiple sources (including Red Hat and OSV entries) with the same description. A fix appears in v1.4.7...
CVE-2025-11535
MongoDB Connector for BI installation via MSI on Windows leaves ACLs unset on custom install directories allows Privilege Escalation.This issue affects MongoDB Connector for BI: from 2.0.0 through 2.14.24...
EUVD-2022-33429
Malicious code in bioql PyPI...
CVE-2025-10491
The MongoDB Windows installation MSI may leave ACLs unset on custom installation directories allowing a local attacker to introduce executable code to MongoDB's process via DLL hijacking. This issue affects MongoDB Server v6.0 version prior to 6.0.25, MongoDB Server v7.0 version prior to 7.0.21 a...
CVE-2025-10491 MongoDB Windows installation MSI may leave ACLs unset on custom installation directories
The MongoDB Windows installation MSI may leave ACLs unset on custom installation directories allowing a local attacker to introduce executable code to MongoDB's process via DLL hijacking. This issue affects MongoDB Server v6.0 version prior to 6.0.25, MongoDB Server v7.0 version prior to 7.0.21 a...
PT-2025-37717
Name of the Vulnerable Software and Affected Versions: MongoDB Server versions prior to 6.0.25 MongoDB Server versions prior to 7.0.21 MongoDB Server versions prior to 8.0.5 Description: The MongoDB Windows installation MSI may leave Access Control Lists ACLs unset on custom installation...
SAMSUNG Magician PC Software Security Vulnerability
SAMSUNG Magician PC Software is an application from the South Korean company Samsung SAMSUNG. Designed to help manage Samsung SSDs. A security vulnerability exists in SAMSUNG Magician PC Software version 8.0.0. An attacker could exploit the vulnerability to elevate privileges by tampering with...
CVE-2022-28999
Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allows attackers to execute arbitrary code via overwriting the binary devcpp.exe...
CVE-2022-28999
Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allows attackers to execute arbitrary code via overwriting the binary devcpp.exe...
SharpEDRChecker - Checks Running Processes, Process Metadata, DLLs Loaded Into Your Current Process And The Each DLLs Metadata, Common Inst all Directories, Installed Services And Each Service Binaries Metadata, Installed Drivers And Each Drivers Metadata, All For The Presence Of Known Defensive Products Such As AV's, EDR's And Logging Tools
New and improved C Implementation of Invoke-EDRChecker. Checks running processes, process metadata, Dlls loaded into your current process and each DLLs metadata, common install directories, installed services and each service binaries metadata, installed drivers and each drivers metadata, all for...
Gemalto SafeNet Authentication Service for AD FS Agent Elevation of Privilege Vulnerability
Gemalto SafeNet Authentication Service for AD FS Agent is a federated authentication service agent from Gemalto USA. A security vulnerability exists in Gemalto SafeNet Authentication Service for AD FS Agent, which stems from the program's use of weak access control lists for installation...
Gemalto SafeNet Authentication Service IIS Agent Elevation of Privilege Vulnerability
The Gemalto SafeNet Authentication Service IIS Agent is a Gemalto agent that provides two-factor authentication for systems running Microsoft Internet Information Services IIS including Outlook Web Access, the mail client component. The security vulnerability in the Gemalto SafeNet Authentication...
Gemalto SafeNet Authentication Service End User Software Tools for Windows Elevation of Privilege Vulnerability
Gemalto SafeNet Authentication Service End User Software Tools for Windows is a Windows-based SafeNet Authentication Service tool from Gemalto USA. A security vulnerability exists in SafeNet Authentication Service End User Software Tools for Windows that stems from the program's use of weak acces...
CVE-2015-7964
SafeNet Authentication Service for NPS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module...