cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-22037,https://securityvulnerability.io/vulnerability/CVE-2021-22037,Path Interception Vulnerability in InstallBuilder Affects Windows Security,"The InstallBuilder software contains a vulnerability linked to the Windows registry manipulation process. By improperly controlling the execution path for the reg.exe command, the installer becomes susceptible to Path Interception via Search Order Hijacking. This flaw allows an attacker to potentially insert a malicious reg.exe command, enabling it to run with greater priority than the intended system command. Consequently, this can lead to unauthorized actions executed on affected Windows systems, compromising security.",Vmware,Vmware Installbuilder,7.8,HIGH,0.0005499999970197678,false,,false,false,false,,,false,false,,2021-10-29T11:09:07.000Z,0
CVE-2021-22038,https://securityvulnerability.io/vulnerability/CVE-2021-22038,Windows Installer Uninstaller Vulnerability in a Major Software Suite,"A security vulnerability exists in the uninstaller of Windows installers which improperly manages temporary file execution. When the uninstaller is activated, it duplicates itself to a predictable temporary directory that is not only accessible to non-Administrator users but also lacks sufficient protections. This design flaw allows an attacker to replace the uninstaller's binary with a malicious payload prior to execution, which could lead to unauthorized access and escalated privileges if the original uninstaller operates with Administrator rights. The vulnerability specifically impacts installers built on Windows systems.",Vmware,Vmware Installbuilder,8.8,HIGH,0.0010100000072270632,false,,false,false,false,,,false,false,,2021-10-29T11:08:01.000Z,0