CVE-2021-47960
CVE-2021-47960 affects Synology SSL VPN Client prior to 1.4.5-0684. The issue allows a local HTTP server bound to loopback to expose the installation directory to external parties via user interaction with a crafted page, enabling an information disclosure breach. Affected component: Synology SSL...
CVE-2021-47960
A files or directories accessible to external parties vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows remote attackers to access files within the installation directory via a local HTTP server bound to the loopback interface. By leveraging user interaction with a crafted web pag...
PT-2026-31905
Name of the Vulnerable Software and Affected Versions: Synology SSL VPN Client versions prior to 1.4.5-0684. Description: A flaw exists in Synology SSL VPN Client that allows remote attackers to access files within the installation directory. This is achieved by leveraging a local HTTP server bound ...
EUVD-2020-25589
Malware in sbrugna...
EUVD-2011-3442
Malware in sbrugna...
EUVD-2023-44934
Malicious code in bioql PyPI...
Use of Weak Hash
Overview: Affected versions of this package are vulnerable to Use of Weak Hash via the hmailserver/installation/hMailServerInnoExtension.iss and hMailServer.ini components. A local attacker can access sensitive information by reading these files to obtain an administrator password and running it...
CVE-2023-40363
IBM InfoSphere Information Server 11.7 could allow an authenticated user to change installation files due to incorrect file permission settings. IBM X-Force ID: 263332...
CVE-2024-10228 Vagrant VMWare Utility installation files vulnerable to modification by unprivileged user
The Vagrant VMWare Utility Windows installer targeted a custom location with a non-protected path that could be modified by an unprivileged user, introducing potential for unauthorized file system writes. This vulnerability, CVE-2024-10228, was fixed in Vagrant VMWare Utility 1.0.23...
Nessus Network Monitor < 6.4.0 Multiple Vulnerabilities (TNS-2024-07)
According to its self-reported version, the Nessus Network Monitor running on the remote host is prior to 6.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2024-07 advisory. - Nessus Network Monitor leverages third-party software to help provide underlying...
CVE-2024-22452
Dell Display and Peripheral Manager for macOS prior to 1.3 contains an improper access control vulnerability. A low privilege user could potentially exploit this vulnerability by modifying files in the installation folder to execute arbitrary code, leading to privilege escalation...
Tenable Nessus Arbitrary File Write Vulnerability (TNS-2023-39)
Tenable Nessus is prone to an arbitrary file write vulnerability. CPE = "cpe:/a:tenable:nessus"...
CVE-2023-40363
The CVE-2023-40363 issue affects IBM InfoSphere Information Server 11.7. Affected component: installation file permissions that permit an authenticated user to change installation files, caused by incorrect file permission settings. Impact stated in sources includes the ability to modify installa...
IBM InfoSphere Information Server Security Vulnerability
IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines (IBM). The platform can be used to integrate data information obtained from various sources. An elevation of privilege vulnerability exists in IBM InfoSphere Information Server version 11.7...
Tenable Nessus < 10.6.0 Multiple Vulnerabilities (TNS-2023-29)
According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 10.6.0. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-29 advisory. - A pass-back vulnerability exists where an authenticated, remote attacker with...
CVE-2021-35250
A researcher reported a Directory Traversal Vulnerability in Serv-U 15.3. This may allow access to files relating to the Serv-U installation and server files. This issue has been resolved in Serv-U 15.3 Hotfix 1...
CVE-2020-13533
A privilege escalation vulnerability exists in Dream Report 5 R20-2. In the default configuration, the following registry keys, which reference binaries with weak permissions, can be abused by attackers to effectively ‘backdoor’ the installation files and escalate privileges when a new user logs...