
6692 matches found

OSV
added 2025/12/19 8:23 a.m., 1 view

MAL-2025-192659 Malicious code in hidden-powershell-runner-ax7 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5785c01837ec1727b89125cf1a3fec3ad941c4ff0b1246d8d16fec1dff53223a Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

7 AI score
Exploits: 0, References: 2

OSSF Malicious Packages
added 2025/12/19 8:23 a.m., 5 views

Malicious code in hidden-powershell-runner-ax7 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5785c01837ec1727b89125cf1a3fec3ad941c4ff0b1246d8d16fec1dff53223a Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

7.1 AI score
Exploits: 0, References: 2

EUVD
added 2025/12/19 3:31 a.m., 1 view

EUVD-2025-204434

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the software keyboard function (hereinafter referred to as "keypad function") of Mitsubishi Electric GENESIS64 versions 10.97.2 CFR3 and prior, Mitsubishi Electric Iconics Digital Solutions...

8.2 CVSS, 6.5 AI score, 0.00019 EPSS
Exploits: 0, References: 3

NVD
added 2025/12/19 1:16 a.m., 4 views

CVE-2025-11774

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the software keyboard function (hereinafter referred to as "keypad function") of Mitsubishi Electric GENESIS64 versions 10.97.2 CFR3 and prior, Mitsubishi Electric Iconics Digital Solutions...

8.2 CVSS, 0.00019 EPSS
Exploits: 0, References: 2

Vulnrichment
added 2025/12/19 12:22 a.m., 5 views

CVE-2025-11774 Malicious Code Execution Vulnerability in the Software Keyboard Function of GENESIS64, ICONICS Suite, Mobile HMI, and MC Works64

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the software keyboard function (hereinafter referred to as "keypad function") of Mitsubishi Electric GENESIS64 versions 10.97.2 CFR3 and prior, Mitsubishi Electric Iconics Digital Solutions...

8.2 CVSS, 6.6 AI score, 0.00019 EPSS
Exploits: 0, References: 2

Cvelist
added 2025/12/19 12:22 a.m., 19 views

CVE-2025-11774 Malicious Code Execution Vulnerability in the Software Keyboard Function of GENESIS64, ICONICS Suite, Mobile HMI, and MC Works64

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the software keyboard function (hereinafter referred to as "keypad function") of Mitsubishi Electric GENESIS64 versions 10.97.2 CFR3 and prior, Mitsubishi Electric Iconics Digital Solutions...

8.2 CVSS, 0.00019 EPSS
Exploits: 0, References: 2

CVE
added 2025/12/19 12:22 a.m., 16 views

CVE-2025-11774

CVE-2025-11774 affects Mitsubishi Electric GENESIS64 family, ICONICS Suite/MobileHMI/MC Works64 (versions up to 10.97.2 CFR3 and prior). The issue is an OS Command Injection via the software keypad function, caused by improper neutralization of special elements. A local attacker can cause executi...

8.2 CVSS, 6.6 AI score, 0.00019 EPSS
Exploits: 0, References: 2

Positive Technologies
added 2025/12/19 12:0 a.m., 3 views

PT-2025-52520

Name of the Vulnerable Software and Affected Versions: AspEmail version 5.6.0.2. Description: The software contains a binary permission issue that allows local users to gain higher system access. An attacker can replace the service executable within the BIN directory, due to full write permissions, ...

8.5 CVSS, 6.5 AI score, 0.00017 EPSS
Exploits: 0, References: 6

Positive Technologies
added 2025/12/19 12:0 a.m., 3 views

PT-2025-52394

Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric GENESIS64 versions 10.97.2 CFR3 and prior; Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97.2 CFR3 and prior; Mitsubishi Electric ICONICS Suite versions 10.97.2 CFR3 and prior; Mitsubishi Electric Iconics...

8.2 CVSS, 6.5 AI score, 0.00019 EPSS
Exploits: 0, References: 9

NVD
added 2025/12/18 3:15 p.m., 3 views

CVE-2025-1029

Use of Hard-coded Credentials vulnerability in Utarit Information Services Inc. SoliClub allows Read Sensitive Constants Within an Executable. This issue affects SoliClub: from 5.2.4 before 5.3.7...

7.5 CVSS, 0.00043 EPSS
Exploits: 0, References: 2

Cvelist
added 2025/12/18 2:16 p.m., 24 views

CVE-2025-1029 Hardcoded Credentials in Utarit Informatics' SoliClub

Use of Hard-coded Credentials vulnerability in Utarit Information Services Inc. SoliClub allows Read Sensitive Constants Within an Executable. This issue affects SoliClub: from 5.2.4 before 5.3.7...

7.5 CVSS, 0.00043 EPSS
Exploits: 0, References: 2

GithubExploit
added 2025/12/18 9:0 a.m., 143 views

Exploit for External Control of File Name or Path in Microsoft

CVE-2025-33053 - WebDAV Remote Code Execution RCE PoC & C2 S...

8.8 CVSS, 8.4 AI score, 0.50282 EPSS
Exploits: 10

NVD
added 2025/12/18 6:15 a.m., 4 views

CVE-2025-47372

Memory Corruption when a corrupted ELF image with an oversized file size is read into a buffer without authentication...

9 CVSS, 0.00014 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2025/12/18 3:38 a.m., 1 view

CVE-2025-14305

ListCheck.exe developed by Acer has a Local Privilege Escalation vulnerability. Authenticated local attackers can replace ListCheck.exe with a malicious executable of the same name, which will be executed by the system and result in privilege escalation...

8.5 CVSS, 6.7 AI score, 0.00015 EPSS
Exploits: 0, References: 1

Fedora
added 2025/12/18 1:12 a.m., 5 views

[SECURITY] Fedora 42 Update: perl-Alien-Brotli-0.2.2-11.fc42

This distribution installs the brotli compressor, so that it can be used by other distributions, and provides a way to find the executable...

8.9 CVSS, 6.9 AI score, 0.00036 EPSS
Exploits: 0

EUVD
added 2025/12/18 12:34 a.m., 2 views

EUVD-2023-60218

USB Flash Drives Control 4.1.0.0 contains an unquoted service path vulnerability in its service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\USB Flash Drives Control\usbcs.exe' to inject malicious...

8.5 CVSS, 6.8 AI score, 0.00013 EPSS
Exploits: 0, References: 4

CNNVD
added 2025/12/18 12:0 a.m., 6 views

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption when reading an unauthenticated corrupted ELF image...

9 CVSS, 6.8 AI score, 0.00014 EPSS
Exploits: 0, References: 1

Positive Technologies
added 2025/12/18 12:0 a.m., 3 views

PT-2025-52223

Use of Hard-coded Credentials vulnerability in Utarit Information Services Inc. SoliClub allows Read Sensitive Constants Within an Executable. This issue affects SoliClub: from 5.2.4 before 5.3.7...

7.5 CVSS, 6.9 AI score, 0.00043 EPSS
Exploits: 0, References: 2

Vulnrichment
added 2025/12/17 10:44 p.m., 1 view

CVE-2023-53912 USB Flash Drives Control 4.1.0.0 Unquoted Service Path Privilege Escalation

USB Flash Drives Control 4.1.0.0 contains an unquoted service path vulnerability in its service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\USB Flash Drives Control\usbcs.exe' to inject malicious...

8.5 CVSS, 6.9 AI score, 0.00013 EPSS
Exploits: 0, References: 3

Snyk
added 2025/12/17 8:38 p.m., 3 views

Uncontrolled Search Path Element

Overview: Affected versions of this package are vulnerable to Uncontrolled Search Path Element due to unsafe executable resolution when exporting notebooks containing SVG output to PDF. During export, the svg2pdf.py preprocessor resolves the inkscape executable using shutil.which, which on Windows...

8.5 CVSS, 6 AI score, 0.00014 EPSS
Exploits: 1, References: 2