CVE-2025-43715

Nullsoft Scriptable Install System NSIS before 3.11 on Windows allows local users to escalate privileges to SYSTEM during an installation, because the temporary plugins directory is created under %WINDIR%\temp and unprivileged users can place a crafted executable file by winning a race condition...

CVE-2022-22736

If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. However the install directory is not world-writable by default.This bug only affects Firefox for Windows in a non-default installation...