87 matches found
Budibase: Path traversal in plugin file upload enables arbitrary directory deletion and file write
Summary The plugin file upload endpoint POST /api/plugin/upload passes the user-supplied filename directly to createTempFolder without sanitizing path traversal sequences. An attacker with Global Builder privileges can craft a multipart upload with a filename containing ../ to delete arbitrary...
EUVD-2026-18229
SzafirHost downloads necessary files in the context of the initiating web page. When called, SzafirHost updates its dynamic library. JAR files are correctly verified based on a list of trusted file hashes, and if a file was not on that list, it was checked to see if it had been digitally signed b...
CVE-2026-26928
CVE-2026-26928 affects SzafirHost. The vulnerability arises because the application does not verify the hash or the vendor’s digital signature for uploaded DLL/SO/JNILIB/DYLIB files, while JARs are checked. An attacker can supply a malicious dynamic library that is saved in the user’s temp folder...
CVE-2026-26928
SzafirHost downloads necessary files in the context of the initiating web page. When called, SzafirHost updates its dynamic library. JAR files are correctly verified based on a list of trusted file hashes, and if a file was not on that list, it was checked to see if it had been digitally signed b...
CVE-2025-68623
In Microsoft DirectX End-User Runtime Web Installer 9.29.1974.0, a low-privilege user can replace an executable file during the installation process, which may result in unintended elevation of privileges. During installation, the installer runs with HIGH integrity and downloads executables and...
CVE-2025-68623
In Microsoft DirectX End-User Runtime Web Installer 9.29.1974.0, a low-privilege user can replace an executable file during the installation process, which may result in unintended elevation of privileges. During installation, the installer runs with HIGH integrity and downloads executables and...
CVE-2025-68623
In Microsoft DirectX End-User Runtime Web Installer 9.29.1974.0, a low-privilege user can replace an executable file during the installation process, which may result in unintended elevation of privileges. During installation, the installer runs with HIGH integrity and downloads executables and...
CVE-2026-23988 Rufus has Local Privilege Escalation via TOCTOU Race Condition in Fido Script Handling
Rufus is a utility that helps format and create bootable USB flash drives. Versions 4.11 and below contain a race condition TOCTOU in src/net.c during the creation, validation, and execution of the Fido PowerShell script. Since Rufus runs with elevated privileges Administrator but writes the scri...
Azure Linux 3.0 Security Update: junit (CVE-2020-15250)
The version of junit installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-15250 advisory. - In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information...
CVE-2025-57836
An issue was discovered in Samsung Magician 6.3.0 through 8.3.2 on Windows. The installer creates a temporary folder with weak permissions during installation, allowing a non-admin user to perform DLL hijacking and escalate privileges...
CVE-2025-57836
An issue was discovered in Samsung Magician 6.3.0 through 8.3.2 on Windows. The installer creates a temporary folder with weak permissions during installation, allowing a non-admin user to perform DLL hijacking and escalate privileges...
CVE-2025-57836
An issue was discovered in Samsung Magician 6.3.0 through 8.3.2 on Windows. The installer creates a temporary folder with weak permissions during installation, allowing a non-admin user to perform DLL hijacking and escalate privileges...
CVE-2025-57836
CVE-2025-57836 affects Samsung Magician versions 6.3.0–8.3.2 on Windows. The installer creates a temporary folder with weak permissions, enabling a non-admin user to perform DLL hijacking and escalate privileges. Documents do not provide patch/version fix details or exploit specifics; some source...
CVE-2025-57836
An issue was discovered in Samsung Magician 6.3.0 through 8.3.2 on Windows. The installer creates a temporary folder with weak permissions during installation, allowing a non-admin user to perform DLL hijacking and escalate privileges...
CVE-2025-57836
An issue was discovered in Samsung Magician 6.3.0 through 8.3.2 on Windows. The installer creates a temporary folder with weak permissions during installation, allowing a non-admin user to perform DLL hijacking and escalate privileges...
EUVD-2026-0832
An issue was discovered in Samsung Magician 6.3.0 through 8.3.2 on Windows. The installer creates a temporary folder with weak permissions during installation, allowing a non-admin user to perform DLL hijacking and escalate privileges...
SAMSUNG Magician 安全漏洞
SAMSUNG Magician is an application from the South Korean company Samsung SAMSUNG. Designed to help manage Samsung SSDs. A security vulnerability exists in SAMSUNG Magician versions 6.3.0 through 8.3.2, which stems from improperly set permissions when the installer creates a temporary folder, whic...
CVE-2025-13326
Mattermost Desktop App versions 6.0.0 fail to enable the Hardened Runtime on the Mattermost Desktop App when packaged for Mac App Store which allows an attacker to inherit TCC permissions via copying the binary to a tmp folder...
CVE-2025-53919
An issue was discovered in the Portrait Dell Color Management application through 3.3.008 for Dell monitors, It creates a temporary folder, with weak permissions, during installation and uninstallation. A low-privileged attacker with local access could potentially exploit this, leading to elevati...
CVE-2025-13326
Mattermost Desktop App versions 6.0.0 fail to enable the Hardened Runtime on the Mattermost Desktop App when packaged for Mac App Store which allows an attacker to inherit TCC permissions via copying the binary to a tmp folder...