111 matches found
CVE-2021-33089
CVE-2021-33089 affects the Intel NUC HDMI Firmware Update Tool for NUC8i3BE/NUC8i5BE/NUC8i7BE. The root cause is improper access control in the software installer, which may allow an authenticated local user to escalate privileges. Impact is described as privilege escalation with high confidentia...
CVE-2021-0096
CVE-2021-0096 concerns the Intel NUC HDMI Firmware Update Tool. The issue is described as improper authentication in the software installer for NUC7i3DN, NUC7i5DN, and NUC7i7DN before version 1.78.1.1, potentially allowing a locally authenticated user to escalate privileges. The Red Hat and Intel...
The vulnerability of the software installer for Intel Optane DC Persistent Memory, which allows a hacker to enhance their privileges.
The vulnerability of the software installer for Intel Optane DC Persistent Memory, which operates on non-volatile memory, is related to improper handling of the search path. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the installer of Intel Smart Connect Technology allows a perpetrator to enhance their privileges.
The vulnerability of the Intel Smart Connect Technology software installer is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...
Input validation
Improper file permission in software installer for IntelR Smart Connect Technology for IntelR NUC may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2019-11167
Improper file permission in software installer for IntelR Smart Connect Technology for IntelR NUC may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2019-11167
CVE-2019-11167 affects Intel Smart Connect Technology for Intel NUC. Root cause: improper file permissions in the software installer, enabling an authenticated local user to escalate privileges via local access. According to the Intel advisory, the vendor does not provide patches and recommends u...
Input validation
Improper permissions in the software installer for IntelR Authenticate before 3.8 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2019-11143
Summary : CVE-2019-11143 affects Intel® Authenticate prior to 3.8 due to improper permissions in the software installer, which could allow an authenticated local user to escalate privileges. Intel specifies updates to 3.8 or later as remediation. Other sources (Red Hat, CNVD, CNVD-derived listing...
JVN#50810870: Installer of Adobe Creative Cloud Desktop Application may insecurely load Dynamic Link Libraries
Installer of Creative Cloud Desktop Application provided by Adobe contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the latest...
Intel Data Center Migration Center Software software installer DLL injection vulnerability
Intel Data Center Migration Center Software is a set of data center migration software from Intel Corporation in the U.S. The software installer is its installer. A DLL injection vulnerability exists in the software installer in Intel Data Center Migration Center Software 3.1 and earlier versions...
CVE-2018-12160
DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access...
CVE-2018-12160
DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access...
CVE-2018-12160
CVE-2018-12160 is a DLL injection vulnerability in Intel Data Center Migration Center Software installer (v3.1 and earlier). The issue allows an authenticated local user to execute code with default directory permissions due to improper installer permissions. Affected product/versions: Intel Data...
Inmarsat AmosConnect8 Mail Client Vulnerable to SQL Injection and Backdoor Account
Overview Inmarsat Solutions offers a shipboard email client service, AmosConnect 8 AC8, which was designed to be utilized over satellite networks in a highly optimized manner. IOActive has identified two security vulnerabilities in the client software: On-board ship network access could provide...
CVE-2017-2149
The CVE-2017-2149 issue is an Untrusted search path vulnerability in Toshiba memory card installers, enabling a Trojan horse DLL to be loaded from an unspecified directory and allowing code execution with user privileges. Affected software includes several FlashAir/TransferJet related tools and c...
J-LIS The Public Certification Service for Individuals 'The JPKI user's software' Arbitrary Code Execution Vulnerability
J-LIS The Public Certification Service for Individuals "The JPKI user's software" is a set of public certification service software for individuals based on the PKI Public Key Infrastructure platform from Japan Agency for Local Authority Information Systems J-LIS. The JPKI user's software" is a...
DeviantArt Malwaretising Campaigns lead to Potentially Unwanted Apps
Today, the estimated number of known computer threats like viruses, worms, backdoors, exploits, Trojans, spyware, password stealer, and other variants of potentially unwanted software range into millions. It has the capability to create several different forms of itself dynamically in order to...
[security bulletin] HPSBMA02550 SSRT100170 rev.2 - HP Insight Software Installer for Windows, Local Unauthorized Access to Data, Remote Cross Site Request Forgery (CSRF)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02282377 Version: 2 HPSBMA02550 SSRT100170 rev.2 - HP Insight Software Installer for Windows, Local Unauthorized Access to Data, Remote Cross Site Request Forgery CSRF NOTICE: The information in...
CVE-2010-1971
Cross-site request forgery CSRF vulnerability in HP Insight Software Installer for Windows before 6.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, a different vulnerability than CVE-2010-1968...