PT-2026-36002

Name of the Vulnerable Software and Affected Versions B1 Free Archiver version 1.5.86 Description An issue exists where files extracted from downloaded archives bypass Windows Mark of the Web MotW protections. The software fails to propagate the Zone.Identifier alternate data stream—a mechanism...

EUVD-2008-6495

Malware in sbrugna...

EUVD-2006-5700

Malware in sbrugna...

EUVD-2025-16127

Malicious code in bioql PyPI...

CVE-2025-30038

The vulnerability consists of a session ID leak when saving a file downloaded from CGM CLININET. The identifier is exposed through a built-in Windows security feature that stores additional metadata in an NTFS alternate data stream ADS for all files downloaded from potentially untrusted sources...

Exploit for Path Traversal in Rarlab Winrar

CVE-2025-8088 PoC Educational Use Only Details about this C...

CVE-2025-30038 Session ID leakage in Zone.Identifier of downloaded files

The vulnerability consists of a session ID leak when saving a file downloaded from CGM CLININET. The identifier is exposed through a built-in Windows security feature that stores additional metadata in an NTFS alternate data stream ADS for all files downloaded from potentially untrusted sources...

CVE-2025-30038 Session ID leakage in Zone.Identifier of downloaded files

The vulnerability consists of a session ID leak when saving a file downloaded from CGM CLININET. The identifier is exposed through a built-in Windows security feature that stores additional metadata in an NTFS alternate data stream ADS for all files downloaded from potentially untrusted sources...

7-Zip bug could allow a bypass of a Windows security feature. Update now

A patch is available for a vulnerability in 7-Zip that could have allowed attackers to bypass the Mark-of-the-Web MotW security feature in Windows. The MotW is an attribute added to files by Windows when they have been sourced from an untrusted location, like the internet or a restricted zone. Th...

K15874: Samba vulnerability CVE-2013-4475

Security Advisory Description Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfsstreamsdepot or vfsstreamsxattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated...

SUSE CVE-2013-4475

Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfsstreamsdepot or vfsstreamsxattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream ADS...

CVE-2022-38176

An issue was discovered in YSoft SAFEQ 6 before 6.0.72. Incorrect privileges were configured as part of the installer package for the Client V3 services, allowing for local user privilege escalation by overwriting the executable file via an alternative data stream. NOTE: this is not the same as...

YSoft SafeQ 6 has an unspecified vulnerability

YSoft SAFEQ 6 FlexiSpooler is an application. A print management solution. A security vulnerability exists in YSoft SafeQ 6, which stems from incorrect privileges in the MU55 FlexiSpooler service in version 6.0.55 of YSoft SafeQ 6. An attacker could exploit the vulnerability to escalate local use...

CVE-2021-31859

Incorrect privileges in the MU55 FlexiSpooler service in YSoft SafeQ 6 6.0.55 allows local user privilege escalation by overwriting the executable file via an alternative data stream...

PT-2021-19553 · Ysoft · Ysoft Safeq 6

Name of the Vulnerable Software and Affected Versions: YSoft SafeQ 6 version 6.0.55 Description: The issue concerns incorrect privileges in the MU55 FlexiSpooler service, allowing a local user to escalate privileges by overwriting the executable file via an alternative data stream. Recommendation...

YSoft SAFEQ 6 FlexiSpooler 安全漏洞

YSoft SAFEQ 6 FlexiSpooler is an application. A print management solution. A security vulnerability exists in YSoft SafeQ 6, which stems from incorrect privileges in the MU55 FlexiSpooler service in version 6.0.55 of YSoft SafeQ 6. An attacker could exploit the vulnerability to escalate local use...

Malicious Microsoft Office Documents: Generate-Macro

This script will generate malicious Microsoft Excel Documents that contain VBA macros. This script will prompt you for an IP address and port you will receive your shell at this address and port and the name of the malicious document. From there, the script will then prompt you to choose from a...

CVE-2014-2044

Incomplete blacklist vulnerability in ajax/upload.php in ownCloud before 5.0, when running on Windows, allows remote authenticated users to bypass intended access restrictions, upload files with arbitrary names, and execute arbitrary code via an Alternate Data Stream ADS syntax in the filename...

CVE-2014-2044

Incomplete blacklist vulnerability in ajax/upload.php in ownCloud before 5.0, when running on Windows, allows remote authenticated users to bypass intended access restrictions, upload files with arbitrary names, and execute arbitrary code via an Alternate Data Stream ADS syntax in the filename...

CVE-2014-2044

Incomplete blacklist vulnerability in ajax/upload.php in ownCloud before 5.0, when running on Windows, allows remote authenticated users to bypass intended access restrictions, upload files with arbitrary names, and execute arbitrary code via an Alternate Data Stream ADS syntax in the filename...