The Qualys Cloud Agent included a bundled uninstall script (qagent_uninstall.sh), specific to Mac and Linux supported versions that invoked multiple system commands without using absolute paths and without sanitizing the $PATH environment. If the uninstall script is executed with elevated privilege…

Dell Display and Peripheral Manager, versions prior to 2.1.2.12, contains an Execution with Unnecessary Privileges vulnerability in the Installer. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete.

In JetBrains ReSharper, Rider and dotTrace before 2025.2.5 local privilege escalation was possible via race condition

In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows local privilege escalation

In JetBrains YouTrack before 2025.3.104432 insecure Junie configuration could lead to data exposure and unauthorized changes

In JetBrains YouTrack before 2025.3.104432 misconfiguration in the Junie could lead to exposure of the global Junie token

In JetBrains YouTrack before 2025.3.104432 missing VCS URL validation allowed delegation to unauthorized repositories from the Junie widget

In JetBrains YouTrack before 2025.3.104432 improper access control allowed modify MCP tool logic

In JetBrains YouTrack before 2025.3.104432 missing user principal cleanup led to reuse of incorrect authorization context