Lucene search
K

68 matches found

The Hacker News
The Hacker News
added 2023/07/28 11:45 a.m.42 views

Hackers Abusing Windows Search Feature to Install Remote Access Trojans

A legitimate Windows search feature is being exploited by unknown malicious actors to download arbitrary payloads from remote servers and compromise targeted systems with remote access trojans such as AsyncRAT and Remcos RAT. The novel attack technique, per Trellix, takes advantage of the...

6.9AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2023/05/31 12:15 a.m.5 views

CVE-2023-28353

An issue was discovered in Faronics Insight 10.0.19045 on Windows. An unauthenticated attacker is able to upload any type of file to any location on the Teacher Console's computer, enabling a variety of different exploitation paths including code execution. It is also possible for the attacker to...

8.8CVSS7.4AI score0.01362EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/11/04 12:0 a.m.37 views

CVE-2022-41667

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that allows adversaries with local user privileges to load a malicious DLL which could lead to execution of malicious code. Affected Products: EcoStruxure Operator Terminal ExpertV3.3 Hotfi...

7CVSS7.8AI score0.00215EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/11/04 12:0 a.m.9 views

CVE-2022-41667

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that allows adversaries with local user privileges to load a malicious DLL which could lead to execution of malicious code. Affected Products: EcoStruxure Operator Terminal ExpertV3.3 Hotfi...

7CVSS7.6AI score0.00215EPSS
Exploits0References1
OSV
OSV
added 2022/08/17 9:15 p.m.3 views

CVE-2022-1373

The “restore configuration” feature of Softing Secure Integration Server V1.22 is vulnerable to a directory traversal vulnerability when processing zip files. An attacker can craft a zip file to load an arbitrary dll and execute code. Using the "restore configuration" feature to upload a zip file...

7.2CVSS5.9AI score
Exploits0References2
Packet Storm
Packet Storm
added 2022/05/17 12:0 a.m.247 views

Trojan-Ransom.Thanos MVID-2022-0607 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/be60e389a0108b2871dff12dfbb542ac.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Ransom.Thanos Vulnerability: Code Execution Description: Thanos looks for and...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/12 12:0 a.m.204 views

Ransom.REvil MVID-2022-0599 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/ab1aaa8f96c61684736da00ece5a9c83.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.REvil Vulnerability: Code Execution Description: REvil looks for and executes DLLs ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/06 12:0 a.m.189 views

Ransom.CTBLocker Code Execution

Discovery / credits: Malvuln - John Page - aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/de25f04dedaffde1be47ef26dc9a8176.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.CTBLocker Vulnerability: Code Execution Description: CTBLocker looks for and...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2021/07/19 2:16 p.m.37 views

CVE-2021-35449

The Lexmark Universal Print Driver version 2.15.1.0 and below, G2 driver 2.7.1.0 and below, G3 driver 3.2.0.0 and below, and G4 driver 4.2.1.0 and below are affected by a privilege escalation vulnerability. A standard low priviliged user can use the driver to execute a DLL of their choosing durin...

8.7AI score0.01413EPSS
Exploits3References3
CNNVD
CNNVD
added 2021/07/19 12:0 a.m.4 views

Lexmark Universal Print Driver 安全漏洞

Lexmark Universal Print Driver is a printer driver from Lexmark USA. A security vulnerability exists in Lexmark Universal Print Driver that originates from a standard low-privilege user being able to use the driver to execute a DLL of their choice during the add printer process, resulting in...

7.8CVSS8.2AI score0.01413EPSS
Exploits3References3
OSV
OSV
added 2021/02/23 4:15 a.m.4 views

CVE-2021-22645

Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to an attack because the .bip documents display a “load” command, which can be pointed to a .dll fro...

7.8CVSS7.1AI score0.01509EPSS
Exploits0References3
CVE
CVE
added 2020/06/04 4:29 p.m.57 views

CVE-2018-21241

CVE-2018-21241 affects Foxit PhantomPDF before 8.3.6, where an untrusted search path allows a DLL to execute remote code. According to sources, the vulnerability is triggered in affected PhantomPDF versions prior to 8.3.6 and can lead to remote code execution on the system. The CVSS details indic...

7.8CVSS7.7AI score0.00792EPSS
Exploits0References1Affected Software1
Lenovo
Lenovo
added 2020/04/13 10:56 p.m.69 views

Lenovo Vantage Vulnerabilities - Lenovo Support US

Lenovo Security Advisory: LEN-30401 Potential Impact: Escalation of Privilege, Improper Verification of Cryptographic Signature, Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2020-8316, CVE-2020-8318, CVE-2020-8319, CVE-2020-8324, CVE-2020-8327 Summary Description: The...

7.2CVSS1.5AI score0.00405EPSS
Exploits0
Hacker One
Hacker One
added 2020/01/04 2:3 p.m.26 views

Nord Security: Race condition (TOCTOU) in NordVPN can result in local privilege escalation

Summary: A vulnerability exists in the NordVPN service, which is installed as part of the NordVPN Windows app. By exploiting a race condition in the NordVPN service it is possible to launch OpenVPN with a user-supplied configuration file. By setting an OpenSSL engine name within this configuratio...

7.2AI score
Exploits0
NVD
NVD
added 2019/12/11 11:15 p.m.12 views

CVE-2019-18232

SafeNet Sentinel LDK License Manager, all versions prior to 7.101only Microsoft Windows versions are affected is vulnerable when configured as a service. This vulnerability may allow an attacker with local access to create, write, and/or delete files in system folder using symbolic links, leading...

7.8CVSS7.6AI score0.00423EPSS
Exploits0References1
ICS
ICS
added 2019/12/05 12:0 a.m.147 views

Thales DIS SafeNet Sentinel LDK License Manager Runtime

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: Thales DIS Equipment: SafeNet Sentinel LDK License Manager Runtime Vulnerability: Link Following 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to escalate privileges. 3...

7.8CVSS7.8AI score0.00423EPSS
Exploits0References5
NVD
NVD
added 2018/12/31 6:29 p.m.20 views

CVE-2018-6668

A whitelist bypass vulnerability in McAfee Application Control / Change Control 7.0.1 and before allows execution bypass, for example, with simple DLL through interpreters such as PowerShell...

7.8CVSS6.7AI score0.00432EPSS
Exploits0References2
CNVD
CNVD
added 2018/12/21 12:0 a.m.5 views

IBM Notes and Domino Privilege Permission and Access Control Vulnerabilities

IBM Notes and Domino are both collaborative office software from the American company IBM. The software has office features such as e-mail, calendar, and scheduling. A privilege permission and access control vulnerability exists in the Notes System Diagnostic NSD service in IBM Notes and Domino o...

8.4CVSS7.2AI score0.00482EPSS
Exploits0References1
OSV
OSV
added 2017/11/06 10:29 p.m.4 views

CVE-2017-14029

An Uncontrolled Search Path Element issue was discovered in Trihedral VTScada 11.3.03 and prior. The program will execute specially crafted malicious dll files placed on the target machine...

7.8CVSS5.8AI score0.0093EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2016/12/09 12:0 a.m.51 views

Symantec VIP Access Arbitrary DLL Execution

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SYMANTEC-VIP-ACCESS-ARBITRARY-DLL-EXECUTION.txt + ISR: ApparitionSec Vendor: ================ www.symantec.com Product: =================== Symantec VIP Access Desktop...

0.5AI score0.00807EPSS
Exploits2
Rows per page
Query Builder