Linux Distros Unpatched Vulnerability : CVE-2017-16933

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - etc/initsystem/prepare-dirs in Icinga 2.x through 2.8.1 has a chown call for a filename in a user-writable directory, which allows local users to gain privilege...

BIT-LIBPYTHON-2022-26488

In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabl...

CVE-2025-6241 CVE-2025-6241

LsiAgent.exe, a component of SysTrack from Lakeside Software, attempts to load several DLL files which are not present in the default installation. If a user-writable directory is present in the SYSTEM PATH environment variable, the user can write a malicious DLL to that directory with arbitrary...

CVE-2025-6241 CVE-2025-6241

LsiAgent.exe, a component of SysTrack from Lakeside Software, attempts to load several DLL files which are not present in the default installation. If a user-writable directory is present in the SYSTEM PATH environment variable, the user can write a malicious DLL to that directory with arbitrary...

PT-2025-30989

Name of the Vulnerable Software and Affected Versions: Lakeside SysTrack versions affected versions not specified Description: LsiAgent.exe, a component of SysTrack, attempts to load DLL files that are not part of the default installation. If a user-writable directory is included in the SYSTEM PA...

git: Git GUI can create and overwrite files for which the user has write permission

A vulnerability was found in the git GUI package. When a user clones an untrusted repository and edits a file located in a maliciously named directory, git GUI may end up creating or overwriting arbitrary files for the running user has written permission. This flaw allows an attacker to modify th...

CVE-2021-34408

The Zoom Client for Meetings for Windows in all versions before version 5.3.2 writes log files to a user writable directory as a privileged user during the installation or update of the client. This could allow for potential privilege escalation if a link was created between the user writable...

CVE-2020-28369

In BeyondTrust Privilege Management for Windows aka PMfW through 5.7, a SYSTEM installation causes Cryptbase.dll to be loaded from the user-writable location %WINDIR%\Temp...

CVE-2020-3979

InstallBuilder for Qt Windows versions prior to 20.7.0 installers look for plugins at a predictable location at initialization time, writable by non-admin users. While those plugins are not required, they are loaded if present, which could allow an attacker to plant a malicious library which coul...

BIT-PYTHON-MIN-2022-26488

In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabl...

CVE-2024-47195

A vulnerability has been identified in ModelSim All versions V2024.3, Questa All versions V2024.3. gdb.exe in affected applications allows a specific executable file to be loaded from the current working directory. This could allow an authenticated local attacker to inject arbitrary code and...

PT-2024-38613 · Overwolf · Overwolf

Name of the Vulnerable Software and Affected Versions: Overwolf affected versions not specified Description: A local privilege escalation issue is caused by Overwolf loading and executing certain dynamic link library files from a user-writeable folder in SYSTEM context on launch. This allows an...

Overwolf 安全漏洞

Overwolf is a framework from the Israeli company Overwolf that supports building games using HTML and JavaScript. A security vulnerability exists in Overwolf versions prior to 250.1.1, which originates from loading and executing certain dynamic link library files from a user-writable folder in th...

UBUNTU-CVE-2024-21633

Apktool is a tool for reverse engineering Android APK files. In versions 2.9.1 and prior, Apktool infers resource files' output path according to their resource names which can be manipulated by attacker to place files at desired location on the system Apktool runs on. Affected environments are...

CVE-2020-28369

In BeyondTrust Privilege Management for Windows aka PMfW through 5.7, a SYSTEM installation causes Cryptbase.dll to be loaded from the user-writable location %WINDIR%\Temp...

Design/Logic Flaw

In BeyondTrust Privilege Management for Windows aka PMfW through 5.7, a SYSTEM installation causes Cryptbase.dll to be loaded from the user-writable location %WINDIR%\Temp...

CVE-2020-28369

In BeyondTrust Privilege Management for Windows aka PMfW through 5.7, a SYSTEM installation causes Cryptbase.dll to be loaded from the user-writable location %WINDIR%\Temp...

CVE-2023-46814

A binary hijacking vulnerability exists within the VideoLAN VLC media player before 3.0.19 on Windows. The uninstaller attempts to execute code with elevated privileges out of a standard user writable location. Standard users may use this to gain arbitrary code execution as SYSTEM...

SUSE CVE-2017-16933

etc/initsystem/prepare-dirs in Icinga 2.x through 2.8.1 has a chown call for a filename in a user-writable directory, which allows local users to gain privileges by leveraging access to the $ICINGA2USER account for creation of a link...

SUSE CVE-2019-11753

The Firefox installer allows Firefox to be installed to a custom user writable location, leaving it unprotected from manipulation by unprivileged users or malware. If the Mozilla Maintenance Service is manipulated to update this unprotected location and the updated maintenance service in the...