6687 matches found
CVE-2020-37101 VPN unlimited 6.1 - Unquoted Service Path
VPN Unlimited 6.1 contains an unquoted service path vulnerability that allows local attackers to inject malicious executables into the service binary path. Attackers can exploit the unquoted path in 'C:\Program Files x86\VPN Unlimited' to replace the service executable and gain elevated system...
CVE-2020-37101
CVE-2020-37101 : VPN Unlimited 6.1 on Windows is affected by an unquoted service path vulnerability in the service binary path at C:\Program Files (x86)\VPN Unlimited, allowing a local attacker to replace the service executable and achieve elevated privileges. The description and connected source...
CVE-2020-37099
Disk Savvy Enterprise 12.3.18 contains an unquoted service path vulnerability in its service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Savvy Enterprise\bin\disksvs.exe' to inject malicious...
CVE-2020-37099
Disk Savvy Enterprise 12.3.18 contains an unquoted service path vulnerability in its service configuration (C:\Program Files\Disk Savvy Enterprise\bin\disksvs.exe), enabling local attackers to inject malicious executables and escalate privileges. Affected component: the Disk Savvy service. Root c...
EUVD-2020-30977
Disk Savvy Enterprise 12.3.18 contains an unquoted service path vulnerability in its service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Savvy Enterprise\bin\disksvs.exe' to inject malicious...
SUSE CVE-2026-1703
When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...
KeepSolid VPN Unlimited 代码问题漏洞
KeepSolid VPN Unlimited is a VPN proxy software developed by the American company KeepSolid. Version 6.1 of KeepSolid VPN Unlimited contains a code vulnerability. This vulnerability stems from an unquoted service path vulnerability. Attackers can exploit this vulnerability by replacing the servic...
PT-2026-6334
Name of the Vulnerable Software and Affected Versions BrowserStack Runner versions 0.1.0 through 0.9.5 Notepad++ versions prior to 8.8.2 Description BrowserStack Runner contains a path traversal issue in the default HTTP handler within lib/server.js. This allows unauthenticated network-adjacent...
PT-2026-5850
VPN Unlimited 6.1 contains an unquoted service path vulnerability that allows local attackers to inject malicious executables into the service binary path. Attackers can exploit the unquoted path in 'C:Program Files x86VPN Unlimited' to replace the service executable and gain elevated system...
AZL-76593 CVE-2026-1703 affecting package python-pip 24.2-5
When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...
AZL-76499 CVE-2026-1703 affecting package python3 3.9.19-19
When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...
UBUNTU-CVE-2026-1703
When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...
CVE-2026-1703 Limited path traversal when installing wheel archives
When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...
MAL-2026-649 Malicious code in callapirequests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6e7fadeb48347b57805dea2f58d0f662e43170e0e4439a424f6dec66cf285452 Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
Malicious code in callapirequests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6e7fadeb48347b57805dea2f58d0f662e43170e0e4439a424f6dec66cf285452 Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
MAL-2026-641 Malicious code in connections-api-requests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5d9023bd1b2434b0519e9f26fe6d776297700ef0d80c05ba50ead13c6e3d61bb Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
Malicious code in connections-api-requests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5d9023bd1b2434b0519e9f26fe6d776297700ef0d80c05ba50ead13c6e3d61bb Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
MAL-2026-640 Malicious code in connections-api-request (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cbd9a8004eda10de0059f97712efe95c76e4302c5da5ff83e7fe3bdd3abd381b Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
Malicious code in connections-api-request (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cbd9a8004eda10de0059f97712efe95c76e4302c5da5ff83e7fe3bdd3abd381b Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
Malicious code in connection-api-requests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1e1edf0790733aa25ad085b523a095b1ee4abee84eca696bbcaf1682cca2c2ad Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...