7265 matches found
CVE-2026-34883
An issue was discovered in the Portrait Dell Color Management application before 3.7.0 for Dell monitors. On Windows, a symbolic link vulnerability allows a local low-privileged user to escalate privileges to Administrator. During installation, the software writes the file CCFLFamily07Feb11.edr t...
CVE-2026-0089
In multiple functions of PackageInstallerService.java, there is a possible way to install unverified apps due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-6892
Improper handling of symbolic links in the installer of CUPS Printer Driver for macOS may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of directories for which they would not normally have authorization. :Canon...
CVE-2026-6891
Improper handling of symbolic links in the installer of My Image Garden for macOS Version 3.6.8 or earlier may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of files for which they would not normally have...
CVE-2026-4482
The installer certificate files in the …/bootstrap/common/ssl folder do not seem to have restricted permissions on Windows systems users have read and execute access. For the client.key file in particular, this could potentially lead to exploits, as this exposes agent identity material to any...
CVE-2026-34234
CtrlPanel is open-source billing software for hosting providers. In versions 1.1.1 and prior, the web-based installer public/installer/index.php is vulnerable to unauthenticated Remote Code Execution RCE because it performs the install.lock check only after including and executing form handler...
CVE-2026-49134
CodexBar prior to 0.32.0 contains a privilege escalation vulnerability in the CLI installer that allows local attackers to execute arbitrary commands as root by exploiting a race condition in temporary file handling. The installer creates a temporary file with mktemp, writes a privileged shell...
CVE-2026-44612
Bytello Share Windows Edition installer executable provided by Bytello insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer...
Chromium: CVE-2026-11103 Inappropriate implementation in Installer
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
EUVD-2026-34564
Inappropriate implementation in Installer in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: Medium...
DEBIAN-CVE-2026-11103
Inappropriate implementation in Installer in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: Medium...
CVE-2026-11103
Inappropriate implementation in Installer in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: Medium...
CVE-2026-11103
Inappropriate implementation in Installer in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: Medium...
CVE-2026-11103
CVE-2026-11103 affects Google Chrome on Windows, where an inappropriate implementation in the Installer component allows a local attacker to escalate privileges via a malicious file. The vulnerability is tied to Chrome versions prior to 149.0.7827.53. The CVSS context indicates a local exploit wi...
CVE-2026-11103
Inappropriate implementation in Installer in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: Medium...
CVE-2026-11103
Inappropriate implementation in Installer in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: Medium...
Exploit for CVE-2026-34234
CVE-2026-34234 - CtrlPanel Installer RCE Lab Local Docker lab...
[SECURITY] Fedora 44 Update: pie-1.4.5-1.fc44
PIE PHP Installer for Extensions. PIE can install an extension to any installed PHP version. A list of extensions that support PIE can be found on https://packagist.org/extensions. Documentation: /usr/share/doc/pie/docs/usage.md...
[SECURITY] Fedora 43 Update: pie-1.4.5-1.fc43
PIE PHP Installer for Extensions. PIE can install an extension to any installed PHP version. A list of extensions that support PIE can be found on https://packagist.org/extensions. Documentation: /usr/share/doc/pie/docs/usage.md...
Notepad++ 8.9.4 / 8.9.5 < 8.9.6 Installer Vulnerability
The version of Notepad++ installed on the remote host is 8.9.4 or 8.9.5. It is, therefore, affected by an installer vulnerability: - A vulnerability exists in the Notepad++ installer affecting versions 8.9.4 and 8.9.5 that could allow an attacker to compromise the installation process...