13 matches found
CVE-2025-48512
Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller GPIO could allow an attacker to achieve privilege escalation resulting in arbitrary code execution...
CVE-2026-5397 Vulnerability Related to an Uncontrolled Search Path Element in a UPS Management Application
It has been identified that a vulnerability CWE-427 exists in the UPS Uninterruptible Power Supply management application, whereby improper permissions on the installation directory allow a malicious actor to place a DLL that is then executed with administrator privileges. If a malicious DLL is...
CVE-2025-13663
Under certain circumstances, the Quartus Prime Pro Installer for Windows does not check the permissions of the Quartus target installation directory if the target installation directory already exists...
CVE-2025-64642
NMIS/BioDose V22.02 and previous versions' installation directory paths by default have insecure file permissions, which in certain deployment scenarios can enable users on client workstations to modify the program executables and libraries...
CVE-2025-20387 Incorrect permissions assignment on Splunk Universal Forwarder for Windows during new installation or upgrade
In Splunk Universal Forwarder for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Universal Forwarder for Windows Installation directory. This lets non-administrator users on...
CVE-2025-20386 Incorrect permission assignment on Splunk Enterprise for Windows during new installation or upgrade
In Splunk Enterprise for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Splunk Enterprise for Windows Installation directory. This lets non-administrator users on the machine...
CVE-2025-50675
GPMAW 14, a bioinformatics software, has a critical vulnerability related to insecure file permissions in its installation directory. The directory is accessible with full read, write, and execute permissions for all users, allowing unprivileged users to manipulate files within the directory,...
Tenable Network Monitor 安全漏洞
Tenable Network Monitor is an open source system vulnerability scanner developed by Tenable Inc. in the United States, mainly used for network vulnerability scanning and security assessment. Tenable Network Monitor suffers from an elevation of privilege vulnerability, which stems from improperly...
Tenable Network Security Nessus 安全漏洞
Tenable Network Security Nessus is a network vulnerability scanning tool developed by Tenable Network Security to detect security vulnerabilities and configuration errors in operating systems, network devices, and applications. Tenable Network Security Nessus suffers from an elevation of privileg...
PT-2024-19124 · Amd · Amd Ryzen Master Utility
Name of the Vulnerable Software and Affected Versions: AMD Ryzen Master Utility affected versions not specified Description: The issue is related to incorrect default permissions in the installation directory of the AMD Ryzen Master Utility, which could allow an attacker to achieve privilege...
Cisco AppDynamics PHP Agent 安全漏洞
Cisco AppDynamics PHP Agent is an agent program from Cisco USA for monitoring the performance of PHP applications. An elevation of privilege vulnerability exists in the Cisco AppDynamics PHP Agent that stems from insufficient privileges being set on the PHP Agent installation directory. An attack...
SUSE CVE-2021-22921
Node.js before 16.4.1, 14.17.2, and 12.22.2 is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. More specifically, improper configuration of permissions in the installation directory allows an attacker to perform two different escalation attacks: PAT...
CVE-2019-19382
Max Secure Anti Virus Plus 19.0.4.020 has Insecure Permissions on the installation directory. Local attackers can replace a .exe or .dll file to achieve privilege escalation...