Malicious code in ntoutils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 15b6e8b1974bbd5ee6ee5e5abe0619080d87644b200fd8fc410f70a2f23213ff Importing the module downloads and runs a remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

CVE-2026-25880 Untrusted Search Path in SumatraPDF Reader (explorer.exe on Windows)

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary explorer.exe located in the same directory as the opened PDF when the user clicks File → “Show in folder”. This behavior leads to arbitrary code execution on the victim’s...

picoCTF_2025_pie_time

PIE Exploit Challenge Exploiting a PIE Position Independent...

MAL-2026-811 Malicious code in grokwrapper (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a7ae896464be7f195243e35231a2435d0a1eb055cc7fa8cfaef707c7e11c55b2 During importing the module, package silently execute code hidden in an embedded config file, and downloads remote executable. It's then added to Run registry...

CVE-2020-37129

Memu Play 7.1.3 contains an insecure folder permissions vulnerability that allows low-privileged users to modify the MemuService.exe executable. Attackers can replace the service executable with a malicious file during system restart to gain SYSTEM-level privileges by exploiting unrestricted file...

CVE-2020-37129 Memu Play 7.1.3 - Insecure Folder Permissions

Memu Play 7.1.3 contains an insecure folder permissions vulnerability that allows low-privileged users to modify the MemuService.exe executable. Attackers can replace the service executable with a malicious file during system restart to gain SYSTEM-level privileges by exploiting unrestricted file...

CVE-2020-37129

Memu Play 7.1.3 contains an insecure folder permissions vulnerability that allows low-privileged users to modify the MemuService.exe executable. Attackers can replace the service executable with a malicious file during system restart to gain SYSTEM-level privileges by exploiting unrestricted file...

EUVD-2020-31025

Memu Play 7.1.3 contains an insecure folder permissions vulnerability that allows low-privileged users to modify the MemuService.exe executable. Attackers can replace the service executable with a malicious file during system restart to gain SYSTEM-level privileges by exploiting unrestricted file...

CVE-2020-37129

CVE-2020-37129 affects Memu Play 7.1.3. The vulnerability is due to insecure folder permissions that let a low-privileged user modify MemuService.exe, enabling replacement with a malicious file at system restart to gain SYSTEM-level privileges. Connected sources corroborate the issue and describe...

CVE-2019-25271

NETGATE Data Backup 3.0.620 contains an unquoted service path vulnerability in its NGDatBckpSrv Windows service configuration. Attackers can exploit the unquoted path to inject and execute malicious code with LocalSystem privileges by placing executable files in specific directory locations...

CVE-2019-25269

Amiti Antivirus 25.0.640 contains an unquoted service path vulnerability in its Windows service configurations. Attackers can exploit the unquoted path to inject and execute malicious code with elevated LocalSystem privileges by placing executable files in specific directory locations...

CVE-2019-25272

TexasSoft CyberPlanet 6.4.131 contains an unquoted service path vulnerability in the CCSrvProxy service that allows local attackers to execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files x86\TenaxSoft\CyberPlanet\SrvProxy.exe' to inject malicious executables and...

CVE-2019-25288

Wacom WTabletService 6.6.7-3 contains an unquoted service path vulnerability that allows local attackers to execute malicious code with elevated privileges. Attackers can insert an executable file in the service path to run unauthorized code when the service restarts or the system reboots...

EUVD-2019-19385

Alps Pointing-device Controller 8.1202.1711.04 contains an unquoted service path vulnerability in the ApHidMonitorService that allows local attackers to execute code with elevated privileges. Attackers can place a malicious executable in the service path and gain system-level access when the...

CVE-2019-25273 Easy-Hide-IP 5.0.0.3 - 'EasyRedirect' Unquoted Service Path

Easy-Hide-IP 5.0.0.3 contains an unquoted service path vulnerability in the EasyRedirect service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe' to inject malicious executables and...

CVE-2019-25273 Easy-Hide-IP 5.0.0.3 - 'EasyRedirect' Unquoted Service Path

Easy-Hide-IP 5.0.0.3 contains an unquoted service path vulnerability in the EasyRedirect service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe' to inject malicious executables and...

CVE-2019-25272

TexasSoft CyberPlanet 6.4.131 contains an unquoted service path vulnerability in the CCSrvProxy service that allows local attackers to execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files x86\TenaxSoft\CyberPlanet\SrvProxy.exe' to inject malicious executables and...

Movable Type 安全漏洞

Movable Type is a content management system developed by Movable Type Inc. There is a security vulnerability in Movable Type, which stems from CSV files generated when is entered; these files may contain malicious code, potentially allowing arbitrary code to execute on the user’s system...

CVE-2020-37103 DotNetNuke 9.5 - Persistent Cross-Site Scripting

DotNetNuke 9.5 contains a persistent cross-site scripting vulnerability that allows normal users to upload malicious XML files with executable scripts through journal tools. Attackers can upload XML files with XHTML namespace scripts to execute arbitrary JavaScript in users' browsers, potentially...

K000159856: Binutils vulnerability CVE-2025-66862

Security Advisory Description A buffer overflow vulnerability in function gnuspecial in file cplus-dem.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file. CVE-2025-66862 Impact An attacker can exploit this vulnerability to trigger a heap-based buffer over-read in...