9 matches found
CVE-2026-0432
Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution...
CVE-2025-10549 DLL Hijacking in EfficientLab Controlio Leads to Local Privilege Escalation
EfficientLab Controlio before v1.3.95 contains a DLL hijacking vulnerability caused by weak folder permissions in the installation directory. A local attacker can place a specially crafted DLL in this directory and achieve arbitrary code execution with highest privileges, because the affected...
CVE-2026-5397
The CVE-2026-5397 entry describes an Uncontrolled Search Path Element (CWE-427) in a UPS management application. It states that improper permissions on the installation directory allow a malicious DLL to be placed there and executed with administrator privileges because the product loads missing ...
Cisco AppDynamics PHP Agent Privilege Escalation (cisco-sa-appd-php-authpriv-gEBwTvu5)
According to its self-reported version, Cisco AppDynamics is affected by a vulnerability. - A vulnerability in the installer script of Cisco AppDynamics PHP Agent could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient...
SUSE CVE-2009-3897
Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the basedir directory, and possibly the basedir directory...
CVE-2020-13541
An exploitable local privilege elevation vulnerability exists in the file system permissions of the Mobile-911 Server V2.5 install directory. Depending on the vector chosen, an attacker can overwrite the service executable and execute arbitrary code with System privileges or replace other files...
CVE-2020-13540
An exploitable local privilege elevation vulnerability exists in the file system permissions of the Win-911 Enterprise V4.20.13 install directory via WIN-911 Account Change Utility. Depending on the vector chosen, an attacker can overwrite various executables which could lead to escalation of the...
CVE-2020-13539
An exploitable local privilege elevation vulnerability exists in the file system permissions of the Win-911 Enterprise V4.20.13 install directory via “WIN-911 Mobile Runtime” service. Depending on the vector chosen, an attacker can overwrite various executables which could lead to escalation of t...
PT-2019-10735 · Gog · Gog Galaxy
Name of the Vulnerable Software and Affected Versions: GOG Galaxy affected versions not specified Description: A local privilege elevation issue exists due to file system permissions in the install directory. This allows an attacker to overwrite an executable launched as a system service on boot,...