CVE-2026-39454

SKYSEA Client View and SKYMEC IT Manager provided by Sky Co.,LTD. configure the installation folder with improper file access permission settings. A non-administrative user may manipulate and/or place arbitrary files within the installation folder of the product. As a result, arbitrary code may b...

CVE-2025-10549

EfficientLab Controlio before v1.3.95 contains a DLL hijacking vulnerability caused by weak folder permissions in the installation directory. A local attacker can place a specially crafted DLL in this directory and achieve arbitrary code execution with highest privileges, because the affected...

EUVD-2026-23793

SKYSEA Client View and SKYMEC IT Manager provided by Sky Co.,LTD. configure the installation folder with improper file access permission settings. A non-administrative user may manipulate and/or place arbitrary files within the installation folder of the product. As a result, arbitrary code may b...

CVE-2026-39454

SKYSEA Client View and SKYMEC IT Manager provided by Sky Co.,LTD. configure the installation folder with improper file access permission settings. A non-administrative user may manipulate and/or place arbitrary files within the installation folder of the product. As a result, arbitrary code may b...

CVE-2020-11613

Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulnerability due to default and insecure permissions being set for the installation folder. By default, the Authenticated Users group has Modify permissions to the installation folder. Because of this, any user on the system can...

CVE-2024-47783

A vulnerability has been identified in SIPORT All versions V3.4.0. The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with an unprivileged account to override or modify the service executables and subsequently gain elevated...

CVE-2024-31202

A “CWE-732: Incorrect Permission Assignment for Critical Resource” in the ThermoscanIP installation folder allows a local attacker to perform a Local Privilege Escalation...

Siemens Simcenter STAR-CCM+ 安全漏洞

Siemens Simcenter STAR-CCM is a complete multi-physics field solution from Siemens Germany that simulates products and designs working under real-world conditions. a security vulnerability exists in Siemens Simcenter STAR-CCM, which stems from improperly assigning file permissions to installation...

SAP ERP Client E-Bilanz Access Control Error Vulnerability

SAP ERP is a series of software for ERP management from SAP in Germany. An Access Control Error vulnerability exists in SAP ERP Client E-Bilanz version 1.0, which stems from an installation setting incorrectly setting the default file system permissions in its installation folder, allowing anyone...

Multiple Panda Internet Security vulnerabilities

Weak installation folder permissions allow privilege escalation to LocalSystem on any logged in user account. Spam filtering can be controlled from malcrafted Web page...