350 matches found
Malicious code in node-dlls (npm)
The package contains code to download and execute an infostealer payload. --- -= Per source details. Do not edit below this line.=-...
MAL-2024-10289 Malicious code in node-dlls (npm)
The package contains code to download and execute an infostealer payload. --- -= Per source details. Do not edit below this line.=-...
GHSA-87CF-J763-VVH8 OpenRefine's SQLite integration allows filesystem access, remote code execution (RCE)
Summary In the database extension, the "enableloadextension" property can be set for the SQLite integration, enabling an attacker to load local or remote extension DLLs and so run arbitrary code on the server. The attacker needs to have network access to the OpenRefine instance. Details The...
OpenRefine's SQLite integration allows filesystem access, remote code execution (RCE)
Summary In the database extension, the "enableloadextension" property can be set for the SQLite integration, enabling an attacker to load local or remote extension DLLs and so run arbitrary code on the server. The attacker needs to have network access to the OpenRefine instance. Details The...
CVE-2023-32266 Code injection vulnerability found in OpenText Application Lifecycle Management (ALM),Quality Center.
Untrusted Search Path vulnerability in OpenText™ Application Lifecycle Management ALM,Quality Center allows Code Inclusion. The vulnerability allows a user to archive a malicious DLLs on the system prior to the installation. This issue affects Application Lifecycle Management ALM,Quality Center:...
CVE-2023-32266
CVE-2023-32266 concerns an Untrusted Search Path vulnerability in OpenText OpenText ALM/Quality Center. Reports indicate a code inclusion flaw that lets a user archive a malicious DLL on the system before installation, affecting ALM/Quality Center versions 15.00, 15.01 (including P1–P5), 15.51 (i...
Windows Downgrade Attack Risks Exposing Patched Systems to Old Vulnerabilities
Microsoft said it is developing security updates to address two loopholes that it said could be abused to stage downgrade attacks against the Windows update architecture and replace current versions of the operating system files with older versions. The vulnerabilities are listed below -...
New banking trojan “CarnavalHeist” targets Brazil with overlay attacks
Since February 2024, Cisco Talos has been observing an active campaign targeting Brazilian users with a new banking trojan called "CarnavalHeist." Many of the observed tactics, techniques and procedures TTPs are common among other banking trojans coming out of Brazil. This family has also been...
CVE-2024-34474
Clario through 2024-04-11 for Desktop has weak permissions for %PROGRAMDATA%\Clario and tries to load DLLs from there as SYSTEM...
CVE-2024-34474
Clario through 2024-04-11 for Desktop has weak permissions for %PROGRAMDATA%\Clario and tries to load DLLs from there as SYSTEM...
CVE-2024-34474
CVE-2024-34474 affects Clario for Desktop up to 2024-04-11. The issue is weak permissions for %PROGRAMDATA%\Clario and attempts to load DLLs from that directory with SYSTEM privileges, enabling local privilege escalation if exploited. CVSS v3.1: LOCAL, LOW PR, NONE UI, with high impact on confide...
Privilege Escalation
github.com/glpi-project/glpi-agent is vulnerable to Privilege Escalation. The vulnerability is due to the ability of a local user to modify GLPI-Agent code or used DLLs, which can alter agent logic and potentially grant higher privileges...
CVE-2024-28241
The GLPI Agent is a generic management agent. Prior to version 1.7.2, a local user can modify GLPI-Agent code or used DLLs to modify agent logic and even gain higher privileges. Users should upgrade to GLPI-Agent 1.7.2 to receive a patch. As a workaround, use the default installation folder which...
CVE-2024-28241 GlPI-Agent MSI package installation doesn't update folder security profile when using non default installation folder
The GLPI Agent is a generic management agent. Prior to version 1.7.2, a local user can modify GLPI-Agent code or used DLLs to modify agent logic and even gain higher privileges. Users should upgrade to GLPI-Agent 1.7.2 to receive a patch. As a workaround, use the default installation folder which...
April 2, 2024, update for OneNote 2016 (KB5002545)
April 2, 2024, update for OneNote 2016 KB5002545 This article discusses update 5002545 for Microsoft OneNote 2016 that was released on April 2, 2024.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply to...
Exploit for Code Injection in Microsoft
🇮🇱 BringThemHome NeverAgainIsNow 🇮🇱 We demand the...
CVE-2024-25103
This vulnerability exists in AppSamvid software due to the usage of vulnerable and outdated components. An attacker with local administrative privileges could exploit this by placing malicious DLLs on the targeted system. Successful exploitation of this vulnerability could allow the attacker to...
Design/Logic Flaw
This vulnerability exists in AppSamvid software due to the usage of vulnerable and outdated components. An attacker with local administrative privileges could exploit this by placing malicious DLLs on the targeted system. Successful exploitation of this vulnerability could allow the attacker to...
CVE-2024-25103
CVE-2024-25103 affects AppSamvid software, with DLL hijacking as the underlying vector due to vulnerable/outdated components. Local administrative privileges are required to place malicious DLLs on the target system, enabling arbitrary code execution if exploited. The available connected document...
MikroTik RouterOS Uncontrolled Resource Consumption (CVE-2012-6050)
The winbox service in MikroTik RouterOS 5.15 and earlier allows remote attackers to cause a denial of service CPU consumption, read the router version, and possibly have other impacts via a request to download the router's DLLs or plugins, as demonstrated by roteros.dll. This plugin only works wi...