CVE-2019-25343

NextVPN 4.10 contains an insecure file permissions vulnerability that allows local users to modify executable files with full access rights. Attackers can replace system executables with malicious files to gain SYSTEM or Administrator privileges through unauthorized file modification...

CVE-2019-25343

CVE-2019-25343 affects NextVPN 4.10, where insecure file permissions enable local users to modify executable files with full rights. By replacing system executables, an attacker may obtain SYSTEM or Administrator privileges through unauthorized modification. CVSS metrics indicate high impact and ...

CVE-2019-25343 NextVPN 4.10 - Insecure File Permissions

NextVPN 4.10 contains an insecure file permissions vulnerability that allows local users to modify executable files with full access rights. Attackers can replace system executables with malicious files to gain SYSTEM or Administrator privileges through unauthorized file modification...

CVE-2019-25343 NextVPN 4.10 - Insecure File Permissions

NextVPN 4.10 contains an insecure file permissions vulnerability that allows local users to modify executable files with full access rights. Attackers can replace system executables with malicious files to gain SYSTEM or Administrator privileges through unauthorized file modification...

CVE-2020-36916 TDM Digital Signage PC Player 4.1.0.4 Privilege Escalation via Insecure Permissions

TDM Digital Signage PC Player 4.1.0.4 contains an elevation of privileges vulnerability that allows authenticated users to modify executable files. Attackers can leverage the 'Modify' permissions for authenticated users to replace executable files with malicious binaries and gain elevated system...

EUVD-2025-206082

Epic Games Psyonix Rocket League =1.95 contains an insecure permissions vulnerability that allows authenticated users to modify executable files with full access permissions. Attackers can leverage the 'F' Full flag for the 'Authenticated Users' group to change executable files and potentially...

CVE-2021-47742

Epic Games Psyonix Rocket League =1.95 contains an insecure permissions vulnerability that allows authenticated users to modify executable files with full access permissions. Attackers can leverage the 'F' Full flag for the 'Authenticated Users' group to change executable files and potentially...

CVE-2021-47742

CVE-2021-47742 affects Epic Games Psyonix Rocket League

Epic Games Psyonix Rocket League 安全漏洞

Epic Games Psyonix Rocket League is a competitive game from the American company Epic Games. A security vulnerability exists in Epic Games Psyonix Rocket League version 1.95 and earlier, which stems from an insecure privilege setting that could allow an authenticated user to modify executable fil...

PT-2025-54423

Name of the Vulnerable Software and Affected Versions Rocket League versions 1.95 and earlier Description The software contains an insecure permissions issue. Authenticated users can modify executable files with full access permissions. An attacker could exploit this to change executable files an...

EUVD-2025-200324

NMIS/BioDose V22.02 and previous versions' installation directory paths by default have insecure file permissions, which in certain deployment scenarios can enable users on client workstations to modify the program executables and libraries...

CVE-2025-64642

NMIS/BioDose V22.02 and previous versions' installation directory paths by default have insecure file permissions, which in certain deployment scenarios can enable users on client workstations to modify the program executables and libraries...

CVE-2025-64642

CVE-2025-64642 concerns NMIS/BioDose V22.02 and earlier, where default insecure file permissions on installation directories could allow local users to modify program executables and libraries. Multiple sources (NVD, Red Hat, EUVD, CVE lists, and ICS advisory) describe the issue as an insecure in...

PT-2025-48780

NMIS/BioDose V22.02 and previous versions' installation directory paths by default have insecure file permissions, which in certain deployment scenarios can enable users on client workstations to modify the program executables and libraries...

CVE-2018-14808

Emerson AMS Device Manager v12.0 to v13.5. Non-administrative users are able to change executable and library files on the affected products...

CVE-2018-14791

Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 may allow non-administrative users to change executable and library files on the affected products...

CVE-2017-12728

An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated privileges, which could allow an attacker to execute arbitrary code under the...