180 matches found
EUVD-2000-0154
Malware in sbrugna...
EUVD-2002-0906
Malware in sbrugna...
EUVD-2019-17029
Malware in sbrugna...
EUVD-2023-23865
Malicious code in bioql PyPI...
MAL-2025-191872 Malicious code in soopsocks (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 adcaa2cfcfa52c7c1ed664a9389ba0bd0ddd2716ea4c475b22bcd2f62bc1ab95 The package promise creating a SOCKS proxy and report the server to a Discord webhook. And indeed appears to do so, but the attached autorun service seems to b...
Malicious code in soopsocks (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 adcaa2cfcfa52c7c1ed664a9389ba0bd0ddd2716ea4c475b22bcd2f62bc1ab95 The package promise creating a SOCKS proxy and report the server to a Discord webhook. And indeed appears to do so, but the attached autorun service seems to b...
Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories
A security weakness has been disclosed in the artificial intelligence AI-powered code editor Cursor that could trigger code execution when a maliciously crafted repository is opened using the program. The issue stems from the fact that an out-of-the-box security setting is disabled by default,...
PT-2025-34310 · Maplesoft · Maple
Name of the Vulnerable Software and Affected Versions: Maple versions up to and including version 13 Description: Maple versions up to and including version 13 allow embedded commands to be executed automatically when a .maplet file is opened. This bypasses standard security restrictions that...
Cursor 命令注入漏洞
Cursor is an AI code editor from Cursor open source. A command injection vulnerability exists in Cursor versions prior to 1.3 that stems from an autorun mode that allows bypassing whitelisting, potentially leading to arbitrary command execution...
MAL-2025-191689 Malicious code in backtradingbot (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 117c24f5b7a0f5e4921e4478231a717ecca01748a5b266d8984e619f06173984 Running the installed entry point downloads and executes remote code. During the analysis, the code was switching to websockets, adding a startup script and...
CVE-2024-48123
An issue in the USB Autorun function of HI-SCAN 6040i Hitrax HX-03-19-I allows attackers to execute arbitrary code via uploading a crafted script from a USB device...
Malicious code in telepycore (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c3dcd0a2a8162a703ef9d7b90566e4c55116a7f4f4d3b8759ca0d2640acd4ee4 Package can only be used requires additional triggering to install a remote executable, ensure it starts on logon and name mimic network service. Though...
CVE-2024-48123
An issue in the USB Autorun function of HI-SCAN 6040i Hitrax HX-03-19-I allows attackers to execute arbitrary code via uploading a crafted script from a USB device...
CVE-2024-48123
An issue in the USB Autorun function of HI-SCAN 6040i Hitrax HX-03-19-I allows attackers to execute arbitrary code via uploading a crafted script from a USB device...
CVE-2024-48123
The CVE-2024-48123 entry concerns the HI-SCAN 6040i Hitrax HX-03-19-I's USB Autorun feature. The vulnerability enables attackers to execute arbitrary code by uploading a crafted script from a USB device. Current connected documents reiterate this issue but do not provide specific affected version...
CVE-2024-48123
An issue in the USB Autorun function of HI-SCAN 6040i Hitrax HX-03-19-I allows attackers to execute arbitrary code via uploading a crafted script from a USB device...
Smiths Detection HI-SCAN 6040i Hitrax HX-03-19-I 安全漏洞
The Smiths Detection HI-SCAN 6040i Hitrax HX-03-19-I is an entry-level X-ray equipment electronic component from Smiths Detection, UK. A security vulnerability exists in the Smiths Detection HI-SCAN 6040i Hitrax HX-03-19-I that stems from a problem with the USB autorun feature...
MAL-2024-12338 Malicious code in requesr (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b792f17b467610a1021820a7718884aa436487a9ec75d5ebf889d400efeaec24 Importing the module downloads and starts an infostealer attempting to exfiltrate data and establishing persistence through autorun directory. --- Category:...
Malicious code in requesr (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b792f17b467610a1021820a7718884aa436487a9ec75d5ebf889d400efeaec24 Importing the module downloads and starts an infostealer attempting to exfiltrate data and establishing persistence through autorun directory. --- Category:...
CVE-2024-55956
In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary Bash or PowerShell commands on the host system by leveraging the default settings of the Autorun directory...