20 matches found
CVE-2026-27750
Avira Internet Security is affected by a TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and later deletes them in a separate cleanup phase without revalidating the target path. An local attacker could ...
EUVD-2025-206033
A local privilege escalation vulnerability exists in SevenCs ORCA G2 2.0.1.35 EC2007 Kernel v5.22. The flaw is a Time-of-Check Time-of-Use TOCTOU race condition in the license management logic. The regService process, which runs with SYSTEM privileges, creates a fixed directory and writes files...
EUVD-2025-31623
Malicious code in bioql PyPI...
EUVD-2024-54475
Malicious code in bioql PyPI...
CVE-2025-34235 Vasion Print (formerly PrinterLogic) Weak SSL/TLS Certificate Validation RCE
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 Windows client deployments contain a registry key that can be enabled by administrators, causing the client to skip SSL/TLS certificate validation. An attacker who can...
CVE-2024-36340
A junction point vulnerability within AMD uProf can allow a local low-privileged attacker to create junction points, potentially resulting in arbitrary file deletion or disclosure...
CVE-2024-36340
A junction point vulnerability within AMD uProf can allow a local low-privileged attacker to create junction points, potentially resulting in arbitrary file deletion or disclosure...
CVE-2024-36340
A junction point vulnerability within AMD uProf can allow a local low-privileged attacker to create junction points, potentially resulting in arbitrary file deletion or disclosure...
CVE-2024-36340
A junction point vulnerability within AMD uProf can allow a local low-privileged attacker to create junction points, potentially resulting in arbitrary file deletion or disclosure...
CVE-2024-36340
A junction point vulnerability within AMD uProf can allow a local low-privileged attacker to create junction points, potentially resulting in arbitrary file deletion or disclosure...
CVE-2024-36340
AMD uProf exposes CVE-2024-36340 a local junction-point vulnerability that allows a low-privileged attacker to create junction points, potentially triggering arbitrary file deletion or disclosure. The affected software is AMD uProf (tools for performance analysis on Windows, Linux and FreeBSD). R...
PT-2025-20899 · Amd · Amd Uprof
Name of the Vulnerable Software and Affected Versions: AMD uProf affected versions not specified Description: A junction point vulnerability within AMD uProf can allow a local low-privileged attacker to create junction points, potentially resulting in arbitrary file deletion or disclosure...
CVE-2023-32474
Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation leading to arbitrary folder or file deletion...
CVE-2023-28065
Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation...
Researchers Demonstrate How EDR and Antivirus Can Be Weaponized Against Users
High-severity security vulnerabilities have been disclosed in different endpoint detection and response EDR and antivirus AV products that could be exploited to turn them into data wipers. "This wiper runs with the permissions of an unprivileged user yet has the ability to wipe almost any file on...
Exploit for Incorrect Default Permissions in Avira Avira_Security
CVE-2022-3368 PoC for arbitrary file move vulnerability in So...
CVE-2021-36286
Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain an arbitrary file deletion vulnerability that can be exploited by using the Windows feature of NTFS called Symbolic links. Symbolic links can be created by anynon-privileged user under some object...
CVE-2021-36286
Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain an arbitrary file deletion vulnerability that can be exploited by using the Windows feature of NTFS called Symbolic links. Symbolic links can be created by anynon-privileged user under some object...
Privilege escalation
The %PROGRAMDATA%\1E\Client directory in 1E Client 5.0.0.745 and 4.1.0.267 allows remote authenticated users and local users to create and modify files in protected directories where they would not normally have access to create or modify files via the creation of a junction point to a system...
CVE-2020-27643
Affected product: 1E Client (versions 4.1.0.267 and 5.0.0.745). Root cause: MSI installer and related components allow creation of a junction point to a system directory via unreferenced paths, enabling remote authenticated or local users to create/modify files in protected directories. Result: p...