Filtered by vendor Scootersoftware Subscriptions
Filtered by product Beyond Compare Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-36415 1 Scootersoftware 1 Beyond Compare 2024-11-21 7.8 High
A DLL hijacking vulnerability exists in the uninstaller in Scooter Beyond Compare 1.8a through 4.4.2 before 4.4.3 when installed via the EXE installer. The uninstaller attempts to load DLLs out of a Windows Temp folder. If a standard user places malicious DLLs in the C:\Windows\Temp\ folder, and then the uninstaller is run as SYSTEM, the DLLs will execute with elevated privileges.
CVE-2022-36414 1 Scootersoftware 1 Beyond Compare 2024-11-21 6.7 Medium
There is an elevation of privilege breakout vulnerability in the Windows EXE installer in Scooter Beyond Compare 4.2.0 through 4.4.2 before 4.4.3. Affected versions allow a logged-in user to run applications with elevated privileges via the Clipboard Compare tray app after installation.
CVE-2024-7886 1 Scootersoftware 1 Beyond Compare 2024-08-19 7.8 High
A vulnerability has been found in Scooter Software Beyond Compare up to 3.3.5.15075 and classified as critical. Affected by this vulnerability is an unknown functionality in the library 7zxa.dll. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The real existence of this vulnerability is still doubted at the moment. NOTE: The vendor explains that a system must be breached before exploiting this issue.