50 matches found
CVE-2026-8398
A supply chain attack compromised the official installation packages of DAEMON Tools Lite Windows versions 12.5.0.2421 through 12.5.0.2434, distributed from the legitimate website daemon-tools.cc between approximately April 8, 2026, and May 5, 2026. Attackers gained unauthorized access to the...
CVE-2026-8398
A supply chain attack compromised the official installation packages of DAEMON Tools Lite Windows versions 12.5.0.2421 through 12.5.0.2434, distributed from the legitimate website daemon-tools.cc between approximately April 8, 2026, and May 5, 2026. Attackers gained unauthorized access to the...
EUVD-2026-25138
The installers of LiveOn Meet Client for Windows Downloader5Installer.exe and Downloader5InstallerForAdmin.exe and the installers of Canon Network Camera Plugin CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe insecurely load Dynamic Link Libraries DLLs. If a malicious DLL is placed at the...
CVE-2026-32679
The installers of LiveOn Meet Client for Windows Downloader5Installer.exe and Downloader5InstallerForAdmin.exe and the installers of Canon Network Camera Plugin CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe insecurely load Dynamic Link Libraries DLLs. If a malicious DLL is placed at the...
CVE-2026-32679
CVE-2026-32679 affects LiveOn Meet Client for Windows and Canon Network Camera Plugin installers (Downloader5Installer.exe, Downloader5InstallerForAdmin.exe, CanonNWCamPlugin.exe, CanonNWCamPluginForAdmin.exe). The installers insecurely load DLLs from the same directory; if a malicious DLL is pre...
CVE-2026-32679
The installers of LiveOn Meet Client for Windows Downloader5Installer.exe and Downloader5InstallerForAdmin.exe and the installers of Canon Network Camera Plugin CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe insecurely load Dynamic Link Libraries DLLs. If a malicious DLL is placed at the...
Flexera InstallShield < 2024 R1 Privilege Escalation (CVE-2024-7562)
The version of Flexera InstallShield installed on the remote host is prior to 2024 R1. It is, therefore, affected by a privilege escalation vulnerability: - A privilege escalation vulnerability exists in standalone MSI setups built with InstallShield that have multiple InstallScript custom action...
PT-2026-41279
Name of the Vulnerable Software and Affected Versions DAEMON Tools Lite versions 12.5.0.2421 through 12.5.0.2434 Description A supply chain attack compromised official installation packages distributed via the legitimate website daemon-tools.cc between April 8, 2026, and May 5, 2026. Attackers...
PYSEC-2026-27
Briefcase is a tool for converting a Python project into a standalone native application. Starting in version 0.3.0 and prior to version 0.3.26, if a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, th...
RLSA-2026:2214 Important: spice-client-win security update
Spice client MSI installers for Windows clients Security Fixes: libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication CVE-2026-0719 libsoup: Stack-Based Buffer Overflow in libsoup Multipart Response Parsingmultipart HTTP response...
Important: Red Hat Security Advisory: spice-client-win security update
An update for spice-client-win is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: spice-client-win security update
An update for spice-client-win is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...
RLSA-2026:1509 Important: spice-client-win security update
Spice client MSI installers for Windows clients Security Fixes: libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy First- vs Last-Value Wins CVE-2025-14523 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
Important: Red Hat Security Advisory: spice-client-win security update
An update for spice-client-win is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this...
RHEL 8 : spice-client-win (RHSA-2026:1569)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1569 advisory. Spice client MSI installers for Windows clients Security Fixes: libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy Firs...
RHEL 8 : spice-client-win (RHSA-2026:1571)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1571 advisory. Spice client MSI installers for Windows clients Security Fixes: libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy Firs...
RHEL 8 : spice-client-win (RHSA-2026:1570)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1570 advisory. Spice client MSI installers for Windows clients Security Fixes: libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy Firs...
RHEL 8 : spice-client-win (RHSA-2026:1509)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1509 advisory. Spice client MSI installers for Windows clients Security Fixes: libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy Firs...
CVE-2021-22037
Under certain circumstances, when manipulating the Windows registry, InstallBuilder uses the reg.exe system command. The full path to the command is not enforced, which results in a search in the search path until a binary can be identified. This makes the installer/uninstaller vulnerable to Path...
CVE-2021-22117
RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient local filesystem permissions to add arbitrary plugins...