Latrodectus Malware Loader Emerges as IcedID's Successor in Phishing Campaigns

Cybersecurity researchers have observed a spike in email phishing campaigns starting early March 2024 that delivers Latrodectus, a nascent malware loader believed to be the successor to the IcedID malware. "These campaigns typically involve a recognizable infection chain involving oversized...

Exploit for CVE-2024-32640

And exploited SQL injection vulnerabilities in Mura/Masa C...

Siemens Simcenter Femap IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

Siemens Simcenter Femap IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

CVE-2024-31226 Sunshine's unquoted executable path could lead to hijacked execution flow

Sunshine is a self-hosted game stream host for Moonlight. Users who ran Sunshine versions 0.17.0 through 0.22.2 as a service on Windows may be impacted when terminating the service if an attacked placed a file named C:\Program.exe, C:\Program.bat, or C:\Program.cmd on the user's computer. This...

CVE-2024-31226 Sunshine's unquoted executable path could lead to hijacked execution flow

Sunshine is a self-hosted game stream host for Moonlight. Users who ran Sunshine versions 0.17.0 through 0.22.2 as a service on Windows may be impacted when terminating the service if an attacked placed a file named C:\Program.exe, C:\Program.bat, or C:\Program.cmd on the user's computer. This...

CVE-2024-3640

CVE-2024-3640 affects Rockwell Automation FactoryTalk Remote Access. An unquoted executable path in the FTRA installer could enable remote code execution with System privileges, requiring admin rights (local attack vector per CVSS4: AV:L, PR:H, UI:A). ICSA/CISA notes the vulnerability is not expl...

Online Examination System SQL Injection Vulnerability

Projectworlds Online Examination System is an online examination system from Projectworlds India. A SQL injection vulnerability exists in Online Examination System version 1.0, which originates from /adminpanel/admin/query/addCourseExe.php contains unknown code that leads to SQL injection via the...

Rockwell Automation FactoryTalk Remote Access 安全漏洞

Rockwell Automation FactoryTalk Remote Access is a solution from Rockwell Automation that allows users to securely access, monitor and control their industrial automation equipment and systems from any location. A security vulnerability exists in Rockwell Automation FactoryTalk Remote Access that...

CVE-2024-20366

A vulnerability in the Tail-f High Availability Cluster Communications HCC function pack of Cisco Crosswork Network Services Orchestrator NSO could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability exists because a user-controlled searc...

CVE-2024-20366

A vulnerability in the Tail-f High Availability Cluster Communications HCC function pack of Cisco Crosswork Network Services Orchestrator NSO could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability exists because a user-controlled searc...

Cisco Crosswork Network Services Orchestrator 安全漏洞

Cisco Crosswork Network Services Orchestrator is a network services orchestrator from Cisco USA. A security vulnerability exists in Cisco Crosswork Network Services Orchestrator that originates from the use of a user-controlled search path to locate executables, allowing an authenticated, local...

PT-2024-40140 · Ez Systems · Ez Platform

Name of the Vulnerable Software and Affected Versions: ezplatform versions prior to 1.7.9.1 ezplatform versions prior to 1.13.5.1 ezplatform versions prior to 2.5.4.1 Description: The issue affects eZ Platform setups on the Platform.sh cloud service, where a rewrite rule intended to block access ...

Panoramic Corporation Digital Imaging Software 安全漏洞

Panoramic Corporation Digital Imaging Software is an imaging software from Panoramic Corporation. A security vulnerability exists in Panoramic Corporation Digital Imaging Software version v.9.1.2.7600, which originates from a vulnerability that allows a local attacker to escalate privileges via t...

Kemp LoadMaster Local sudo Privilege Escalation Exploit

This Metasploit module abuses a feature of the sudo command on Progress Kemp LoadMaster. Certain binary files are allowed to automatically elevate with the sudo command. This is based off of the file name. Some files have this permission are not write-protected from the default bal user. As such,...

Kemp LoadMaster Local sudo privilege escalation

This module abuses a feature of the sudo command on Progress Kemp LoadMaster. Certain binary files are allowed to automatically elevate with the sudo command. This is based off of the file name. Some files have this permission are not write-protected from the default 'bal' user. As such, if the...

Microsoft Process Explorer 安全漏洞

Microsoft Process Explorer is a process explorer from Microsoft Corporation USA. A security vulnerability exists in Microsoft Process Explorer versions prior to 17.04, which stems from a wcscats error handling issue, that allows an attacker to render its functionality unavailable by renaming an...

PT-2024-13055 · Microsoft · Process Explorer

Name of the Vulnerable Software and Affected Versions: Process Explorer versions prior to 17.04 Description: The issue allows attackers to make Process Explorer functionally unavailable, resulting in a denial of service for analysis. This can be achieved by renaming an executable file to a new...

CVE-2024-4549

A denial of service vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior. When processing an 'ICS Restart!' message, CEBC.exe restarts the system...

Delta Electronics DIAEnergie SQL注入漏洞

Delta Electronics DIAEnergie is an industrial energy management system from Delta Electronics, Taiwan, China, for monitoring and analyzing energy consumption in real time, calculating energy consumption and load characteristics, optimizing equipment performance, improving production processes and...