CVE-2025-57392

BenimPOS Masaustu 3.0.x is affected by insecure file permissions. The application installation directory grants Everyone and BUILTIN\Users groups FILEALLACCESS, allowing local users to replace or modify .exe and .dll files. This may lead to privilege escalation or arbitrary code execution upon...

CVE-2025-36014

IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.5 is vulnerable to code injection by a privileged user with access to the IIB install directory...

CVE-2022-36562

Incorrect access control in the install directory C:\Ruby31-x64 of Rubyinstaller2 v3.1.2 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory...

PT-2022-23470 · Unknown · Rubyinstaller2

Name of the Vulnerable Software and Affected Versions: Rubyinstaller2 versions 3.1.2 and below Description: The issue is related to incorrect access control in the install directory of Rubyinstaller2, specifically the C:Ruby31-x64 directory. This allows authenticated attackers to execute arbitrar...

PT-2020-15741

Name of the Vulnerable Software and Affected Versions voidtools Everything versions prior to 1.4.1 Beta Nightly 2020-08-18 Description The issue allows privilege escalation via a Trojan horse urlmon.dll file in the installation directory. This is only relevant if low-privileged users can write to...

CVE-2015-7961

SafeNet Authentication Service Remote Web Workplace Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module...