73 matches found
EUVD-2022-50933
Malicious code in bioql PyPI...
EUVD-2022-50932
Malicious code in bioql PyPI...
EUVD-2022-50930
Malicious code in bioql PyPI...
EUVD-2022-50931
Malicious code in bioql PyPI...
EUVD-2022-50937
Malicious code in bioql PyPI...
EUVD-2022-50936
Malicious code in bioql PyPI...
EUVD-2022-50935
Malicious code in bioql PyPI...
EUVD-2022-50934
Malicious code in bioql PyPI...
CVE-2022-48225
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. It is used to install drivers from several different vendors. The Gemalto Document Reader child installation process is vulnerable to DLL hijacking, because it attempts to execute with elevated privileges multiple non-existent DLLs...
CVE-2022-48227
An issue was discovered in Acuant AsureID Sentinel before 5.2.149. It allows elevation of privileges because it opens Notepad after the installation of AssureID, Identify x64, and Identify x86, aka CORE-7361...
CVE-2022-48226
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During installation, an EXE gets executed out of C:\Windows\Temp. A standard user can create the path file ahead of time and obtain elevated code execution. Permissions need to be modified to prevent manipulation...
CVE-2022-48224
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. It is installed with insecure permissions full write access within Program Files. Standard users can replace files within this directory that get executed with elevated privileges, leading to a complete arbitrary code execution...
CVE-2022-48221
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. Multiple MSI's get executed out of a standard-user writable directory. Through a race condition and OpLock manipulation, these files can be overwritten by a standard user. They then get executed by the elevated installer. This give...
CVE-2022-48222
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During SDK installation, certutil.exe is called by the Acuant installer to install certificates. This window is not hidden, and is running with elevated privileges. A standard user can break out of this window, obtaining a full...
CVE-2022-48228
An issue was discovered in Acuant AsureID Sentinel before 5.2.149. It uses the root of the C: drive for the i-Dentify and Sentinel Installer log files, aka CORE-7362...
CVE-2022-48223
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During SDK repair, certutil.exe is called by the Acuant installer to repair certificates. This call is vulnerable to DLL hijacking due to a race condition and insecure permissions on the executing directory...
Malicious code in cordova-plugin-acuant (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8ee353c7e6360a7550bd55e7929ef39d3d72273c2d3a370403e3a4082528fe30 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-48227
An issue was discovered in Acuant AsureID Sentinel before 5.2.149. It allows elevation of privileges because it opens Notepad after the installation of AssureID, Identify x64, and Identify x86, aka CORE-7361...
CVE-2022-48223
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During SDK repair, certutil.exe is called by the Acuant installer to repair certificates. This call is vulnerable to DLL hijacking due to a race condition and insecure permissions on the executing directory...
CVE-2022-48224
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. It is installed with insecure permissions full write access within Program Files. Standard users can replace files within this directory that get executed with elevated privileges, leading to a complete arbitrary code execution...