Directory Traversal

Overview @budibase/server is a Budibase Web Server Affected versions of this package are vulnerable to Directory Traversal via the fileUpload and the createTempFolder function. An attacker can delete arbitrary directories and write files to any location accessible by the Node.js process by...

CVE-2025-68623

CVE-2025-68623 affects Microsoft DirectX End-User Runtime Web Installer 9.29.1974.0. Cisco Talos TALOS-2025-2293 documents a local privilege escalation: during installation, the dxwebsetup.exe installer creates a writable TEMP path, writes dxwsetup.exe, then executes it with high integrity. An at...

VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption

The pro-Russian hacktivist group known as CyberVolk aka GLORIAMIST has resurfaced with a new ransomware-as-a-service RaaS offering called VolkLocker that suffers from implementation lapses in test artifacts, allowing users to decrypt files without paying an extortion fee. According to SentinelOne...

EUVD-2021-24917

Malware in sbrugna...

EUVD-2024-0564

Malicious code in bioql PyPI...

EUVD-2022-39127

Malicious code in bioql PyPI...

CVE-2025-40979

DLL search order hijacking vulnerability in the wave.exe executable for Windows 11, version 1.27.8. Exploitation of this vulnerability could allow attackers with local access to execute arbitrary code by placing an arbitrary file in the 'C:\Users\AppData\Local\Temp' directory, which could lead to...

CVE-2025-40979 DLL search order hijack in Wave by Grandstream Networks

DLL search order hijacking vulnerability in the wave.exe executable for Windows 11, version 1.27.8. Exploitation of this vulnerability could allow attackers with local access to execute arbitrary code by placing an arbitrary file in the 'C:\Users\AppData\Local\Temp' directory, which could lead to...

PT-2025-37036

Name of the Vulnerable Software and Affected Versions: Windows 11 version 1.27.8 Description: A DLL search order hijacking issue exists in the wave.exe executable. Successful exploitation could allow attackers with local access to execute arbitrary code by placing an arbitrary file in the...

CVE-2023-37244

The affected AutomationManager.AgentService.exe application contains a TOCTOU race condition vulnerability that allows standard users to create a pseudo-symlink at C:\ProgramData\N-Able Technologies\AutomationManager\Temp, which could be leveraged by an attacker to manipulate the process into...

PT-2024-40505 · Burn · Burn

Name of the Vulnerable Software and Affected Versions: Burn versions affected versions not specified Description: The issue concerns the use of an unprotected directory, C:WindowsTemp, by Burn to copy and run binaries. This directory is accessible to low-privilege users, who can hijack binaries...

CVE-2024-26265

The Image Uploader module in Liferay Portal 7.2.0 through 7.4.3.15, and older unsupported versions, and Liferay DXP 7.4 before update 16, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions relies on a request parameter to limit the size of files that can be uploaded, whic...

DLL Redirection

PanelSW.Custom.WiX is vulnerable to DLL redirection attacks. The vulnerability is due to insufficient security checks in handling of the TEMP folder, allowing attackers to escalate privileges by dropping a malicious DLL into a specific directory structure monitored by the burn engine, which when...

PanelSwWix4.Sdk .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges

Summary .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges. Details If the bundle is not run as admin, the user's TEMP folder is used and not the system TEMP folder. A utility is able to monitor the user's TEMP folder for changes and drop its o...

Untrusted Search Path

Overview Affected versions of this package are vulnerable to Untrusted Search Path due to the improper handling of the .be TEMP folder. An attacker can escalate privileges by monitoring the user's TEMP folder for changes and inserting a malicious DLL into the .be/.Local folder immediately when th...

Panel::Software Customized WiX .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges

Summary .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges. Details If the bundle is not run as admin, the user's TEMP folder is used and not the system TEMP folder. A utility is able to monitor the user's TEMP folder for changes and drop its o...

GHSA-259P-RVJX-FFWG Panel::Software Customized WiX .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges

Summary .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges. Details If the bundle is not run as admin, the user's TEMP folder is used and not the system TEMP folder. A utility is able to monitor the user's TEMP folder for changes and drop its o...

GHSA-7WH2-WXC7-9PH5 WiX Toolset's .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges

Summary .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges. Details If the bundle is not run as admin, the user's TEMP folder is used and not the system TEMP folder. A utility is able to monitor the user's TEMP folder for changes and drop its o...

WiX Toolset's .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges

Summary .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges. Details If the bundle is not run as admin, the user's TEMP folder is used and not the system TEMP folder. A utility is able to monitor the user's TEMP folder for changes and drop its o...

CVE-2024-24810 WiX is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges

WiX toolset lets developers create installers for Windows Installer, the Windows installation engine. The .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges. This impacts any installer built with the WiX installer framework. This issue has been...