Lucene search
K

13 matches found

Cvelist
Cvelist
added 2026/05/15 1:45 a.m.63 views

CVE-2025-48512

Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller GPIO could allow an attacker to achieve privilege escalation resulting in arbitrary code execution...

7CVSS0.00106EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/15 4:11 a.m.5 views

CVE-2026-5397 Vulnerability Related to an Uncontrolled Search Path Element in a UPS Management Application

It has been identified that a vulnerability CWE-427 exists in the UPS Uninterruptible Power Supply management application, whereby improper permissions on the installation directory allow a malicious actor to place a DLL that is then executed with administrator privileges. If a malicious DLL is...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References2
OSV
OSV
added 2025/12/11 9:15 p.m.3 views

CVE-2025-13663

Under certain circumstances, the Quartus Prime Pro Installer for Windows does not check the permissions of the Quartus target installation directory if the target installation directory already exists...

5.4CVSS5.8AI score0.00084EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/03 10:2 p.m.5 views

CVE-2025-64642

NMIS/BioDose V22.02 and previous versions' installation directory paths by default have insecure file permissions, which in certain deployment scenarios can enable users on client workstations to modify the program executables and libraries...

8CVSS6.9AI score0.00103EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/03 5:0 p.m.17 views

CVE-2025-20387 Incorrect permissions assignment on Splunk Universal Forwarder for Windows during new installation or upgrade

In Splunk Universal Forwarder for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Universal Forwarder for Windows Installation directory. This lets non-administrator users on...

8CVSS0.00488EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/03 5:0 p.m.19 views

CVE-2025-20386 Incorrect permission assignment on Splunk Enterprise for Windows during new installation or upgrade

In Splunk Enterprise for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Splunk Enterprise for Windows Installation directory. This lets non-administrator users on the machine...

8CVSS0.00488EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/09 12:23 a.m.5 views

CVE-2025-50675

GPMAW 14, a bioinformatics software, has a critical vulnerability related to insecure file permissions in its installation directory. The directory is accessible with full read, write, and execute permissions for all users, allowing unprivileged users to manipulate files within the directory,...

7.8CVSS7.8AI score0.00223EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/05/23 12:0 a.m.8 views

Tenable Network Monitor 安全漏洞

Tenable Network Monitor is an open source system vulnerability scanner developed by Tenable Inc. in the United States, mainly used for network vulnerability scanning and security assessment. Tenable Network Monitor suffers from an elevation of privilege vulnerability, which stems from improperly...

7.8CVSS6.8AI score0.0014EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/18 12:0 a.m.3 views

Tenable Network Security Nessus 安全漏洞

Tenable Network Security Nessus is a network vulnerability scanning tool developed by Tenable Network Security to detect security vulnerabilities and configuration errors in operating systems, network devices, and applications. Tenable Network Security Nessus suffers from an elevation of privileg...

7.8CVSS6.6AI score0.00136EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/12 12:0 a.m.4 views

PT-2024-19124 · Amd · Amd Ryzen Master Utility

Name of the Vulnerable Software and Affected Versions: AMD Ryzen Master Utility affected versions not specified Description: The issue is related to incorrect default permissions in the installation directory of the AMD Ryzen Master Utility, which could allow an attacker to achieve privilege...

7.3CVSS7.4AI score0.00236EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/11/21 12:0 a.m.6 views

Cisco AppDynamics PHP Agent 安全漏洞

Cisco AppDynamics PHP Agent is an agent program from Cisco USA for monitoring the performance of PHP applications. An elevation of privilege vulnerability exists in the Cisco AppDynamics PHP Agent that stems from insufficient privileges being set on the PHP Agent installation directory. An attack...

7.8CVSS7.2AI score0.00189EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:45 a.m.2 views

SUSE CVE-2021-22921

Node.js before 16.4.1, 14.17.2, and 12.22.2 is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. More specifically, improper configuration of permissions in the installation directory allows an attacker to perform two different escalation attacks: PAT...

7.8CVSS7.1AI score0.07409EPSS
Exploits1References3
OSV
OSV
added 2019/12/03 8:15 p.m.3 views

CVE-2019-19382

Max Secure Anti Virus Plus 19.0.4.020 has Insecure Permissions on the installation directory. Local attackers can replace a .exe or .dll file to achieve privilege escalation...

7.8CVSS7.1AI score0.00463EPSS
Exploits2References2
Rows per page
Query Builder