Linux Distros Unpatched Vulnerability : CVE-2025-30167

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jupyter Core is a package for the core common functionality of Jupyter projects. When using Jupyter Core prior to version 5.8.0 on Windows, the shared...

SUSE CVE-2025-30167

Jupyter Core is a package for the core common functionality of Jupyter projects. When using Jupyter Core prior to version 5.8.0 on Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration...

Uncontrolled Search Path Element

Overview Affected versions of this package are vulnerable to Uncontrolled Search Path Element due to the shared %PROGRAMDATA% directory being searched for configuration files. An attacker can introduce unintended behavior and affect other users by creating malicious configuration files in the...

UBUNTU-CVE-2025-30167

Jupyter Core is a package for the core common functionality of Jupyter projects. When using Jupyter Core prior to version 5.8.0 on Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration...

CVE-2025-30167 Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

Jupyter Core is a package for the core common functionality of Jupyter projects. When using Jupyter Core prior to version 5.8.0 on Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration...

CVE-2022-24138

IOBit Advanced System Care Asc.exe 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switch the genuine component with ...

CVE-2019-13069

extenua SilverSHielD 6.x fails to secure its ProgramData folder, leading to a Local Privilege Escalation to SYSTEM. The attacker must replace SilverShield.config.sqlite with a version containing an additional user account, and then use SSH and port forwarding to reach a 127.0.0.1 service...

CVE-2025-27997

An issue in Blizzard Battle.net v2.40.0.15267 allows attackers to escalate privileges via placing a crafted shell script or executable into the C:\ProgramData directory...

CVE-2025-27997

An issue in Blizzard Battle.net v2.40.0.15267 allows attackers to escalate privileges via placing a crafted shell script or executable into the C:\ProgramData directory...

CVE-2025-27997

CVE-2025-27997 affects Blizzard Battle.net (v2.40.0.15267). An attacker can escalate privileges by placing a crafted shell script or executable into the C:\ProgramData directory. The vulnerability is described with a local attack vector and a high impact per the CVSS 3.1 metrics (AV:L, AC:L, PR:N...

PT-2025-4065 · Wondershare · Wondershare Dr.Fone

Name of the Vulnerable Software and Affected Versions: Wondershare Dr.Fone version 13.5.21 Description: A privilege escalation vulnerability has been found in Wondershare Dr.Fone. This issue could allow an attacker to escalate privileges by replacing the binary...

Incorrect Default Permissions

Kolide Agent is vulnerable to Incorrect Default Permissions. The vulnerability is due to improper permissions set on the ProgramData directory for upgraded binaries and the omission of the SystemDrive environmental variable, allowing a malicious actor to place and execute arbitrary DLLs within th...

CVE-2024-54131 Kolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3)

The Kolide Agent aka: Launcher is the lightweight agent designed to work with Kolide's service. An implementation bug in the Kolide Agent known as launcher allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. The bug was introduced in version 1.5.3 when launcher started...

PT-2024-36062 · Microsoft +1 · Windows 11 +2

Name of the Vulnerable Software and Affected Versions: Kolide Agent versions 1.5.3 through 1.12.2 Description: An implementation bug in the Kolide Agent allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. The bug was introduced when the launcher started storing upgraded...

CVE-2024-50804

Insecure Permissions vulnerability in Micro-star International MSI Center Pro 2.1.37.0 allows a local attacker to execute arbitrary code via the DeviceDeviceID.dat.bak file within the C:\ProgramData\MSI\One Dragon Center\Data folder...

CVE-2024-50804

MSI Center Pro 2.1.37.0 contains an insecure permissions vulnerability that permits a local attacker to execute arbitrary code via the Device_DeviceID.dat.bak file located in C:\ProgramData\MSI\One Dragon Center\Data. Affected component: MSI Center Pro; root cause: improper access control on a da...

Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users

A new attack campaign dubbed CLOUDREVERSER has been observed leveraging legitimate cloud storage services like Google Drive and Dropbox to stage malicious payloads. "The VBScript and PowerShell scripts in the CLOUDREVERSER inherently involves command-and-control-like activities by using Google...

CtxExceptionHandler Dump under C:\ProgramData\Citrix\CDF\Reports

This article describes the CtxExceptionHandler Dump under C:\ProgramData\Citrix\CDF\Reports...

CVE-2024-34474

Clario through 2024-04-11 for Desktop has weak permissions for %PROGRAMDATA%\Clario and tries to load DLLs from there as SYSTEM...

PT-2024-25925 · Clario · Clario

Name of the Vulnerable Software and Affected Versions: Clario through 2024-04-11 for Desktop Description: The issue is related to weak permissions for the %PROGRAMDATA%Clario directory and the attempt to load DLLs from this location as SYSTEM. Recommendations: For Clario through 2024-04-11 for...