CVE-2026-27748

Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\\ProgramData without validating whether the path resolves through a symbolic link or reparse...

EUVD-2026-9820

Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\ProgramData without validating whether the path resolves through a symbolic link or reparse point...

CVE-2026-27748

Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\ProgramData without validating whether the path resolves through a symbolic link or reparse point...

CVE-2026-27748 Avira Internet Security Arbitrary File Deletion via Improper Link Resolution

Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\ProgramData without validating whether the path resolves through a symbolic link or reparse point...

CVE-2026-27748 Avira Internet Security Arbitrary File Deletion via Improper Link Resolution

Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\ProgramData without validating whether the path resolves through a symbolic link or reparse point...

Avira Internet Security 安全漏洞

Avira Internet Security is a network security software developed by the German company Avira. Avira Internet Security has a security vulnerability. This vulnerability stems from an improper link parsing issue in the Software Updater component. It could allow local attackers to delete any file,...

CVE-2022-50693

Affected software: Splashtop 8.71.12001.0. Vulnerability: unquoted service path in the Splashtop Software Updater Service, allowing local attackers to inject malicious executables and escalate privileges via the unquoted path at C:\Program Files (x86)\Splashtop\Splashtop Software Updater. Root ca...

CVE-2022-50693 Splashtop 8.71.12001.0 - Unquoted Service Path

Splashtop 8.71.12001.0 contains an unquoted service path vulnerability in the Splashtop Software Updater Service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files x86\Splashtop\Splashtop Software Updater\ to inject...

EUVD-2020-4743

Malware in sbrugna...

EUVD-2020-4772

Malware in sbrugna...

EUVD-2017-15523

Malware in sbrugna...

EUVD-2022-42748

Malicious code in bioql PyPI...

CVE-2024-50591

An attacker with local access the to medical office computer can escalate his Windows user privileges to "NT AUTHORITY\SYSTEM" by exploiting a command injection vulnerability in the Elefant Update Service. The command injection can be exploited by communicating with the Elefant Update Service whi...

CVE-2023-3181

The C:\Program Files x86\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Tempnsu.tmp and copies itself to it as Au.exe. The C:\Windows\Tempnsu.tmp\Au.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI...

CVE-2020-12463

An elevation of privilege vulnerability exists in Avira Software Updater before 2.0.6.27476 due to improperly handling file hard links. This allows local users to obtain take control of arbitrary files...

CVE-2019-17449

Avira Software Updater before 2.0.6.21094 allows a DLL side-loading attack. NOTE: The vendor thinks that this vulnerability is invalid because exploiting it would require at least administrator privileges and would gain only SYSTEM privileges...

HASOMED Elefant 安全漏洞

HASOMED Elefant is an exercise software from the German company HASOMED. It specializes in meeting the needs of psychotherapists, child and adolescent psychotherapists, and medical psychotherapists. A security vulnerability exists in HASOMED Elefant versions prior to 24.04.00 and Elefant Software...

PT-2024-34346 · Elefant +1 · Elefant Software Updater +1

Name of the Vulnerable Software and Affected Versions: Elefant Software Updater ESU affected versions not specified Description: An attacker with local access to a medical office computer can escalate their Windows user privileges to "NT AUTHORITYSYSTEM" by exploiting a command injection...

CVE-2023-3181

The C:\Program Files x86\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Tempnsu.tmp and copies itself to it as Au.exe. The C:\Windows\Tempnsu.tmp\Au.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI...

CVE-2023-3181 Insecure Permissions in Splashtop Software Updater

The C:\Program Files x86\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Tempnsu.tmp and copies itself to it as Au.exe. The C:\Windows\Tempnsu.tmp\Au.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI...