MAL-2026-4691 Malicious code in testnpmnmp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e82942b1fcdaed1a1085ad9590ef93704e276c5c5ca1622884abac014f03980f package.json declares "preinstall": "./scripts/postbuild", where scripts/postbuild is a 976,568-byte unsigned, unhashed, unversioned Linux ELF...

MAL-2026-4689 Malicious code in test-ajs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 851b521e3dde5ea11478cd37cc4bf8da2f0a0ca1864d6c39fa27fd02ef0f9308 test-ajs advertises a 2KB React/Recoil helper dist/cjs/index.js, 2169 bytes, exporting Roid/inject glue over react+recoil but ships a 976KB Linux ELF...

CVE-2026-32679

The installers of LiveOn Meet Client for Windows Downloader5Installer.exe and Downloader5InstallerForAdmin.exe and the installers of Canon Network Camera Plugin CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe insecurely load Dynamic Link Libraries DLLs. If a malicious DLL is placed at the...

CVE-2026-25191

CVE-2026-25191 affects the FinalCode Client installer by Digital Arts Inc. The issue is a DLL search path problem: if a user places a malicious DLL in the same directory as the installer and runs it, arbitrary code may be executed with the installer's privileges. This is a local issue with high i...

CVE-2026-25191

The installer of FinalCode Client provided by Digital Arts Inc. contains an issue with the DLL search path. If a user is directed to place a malicious DLL file and the installer to the same directory and execute the installer, arbitrary code may be executed with the installer's execution privileg...

PT-2026-22123

The installer of FinalCode Client provided by Digital Arts Inc. contains an issue with the DLL search path. If a user is directed to place a malicious DLL file and the installer to the same directory and execute the installer, arbitrary code may be executed with the installer's execution privileg...

CVE-2026-21427

The installers for multiple products provided by PIONEER CORPORATION contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running installer...

CVE-2026-21427

The installers for multiple products provided by PIONEER CORPORATION contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running installer...

Dell Display and Peripheral Manager 安全漏洞

Dell Display and Peripheral Manager is a peripheral management software from Dell USA. A security vulnerability exists in Dell Display and Peripheral Manager versions prior to 2.1.2.12, which stems from an unwanted privileged execution of the installer, which could result in elevated privileges...

EUVD-2022-50396

Malicious code in bioql PyPI...

CVE-2025-9267

The CVE-2025-9267 issue affects Seagate Toolkit on Windows, specifically Toolkit Installer versions prior to 2.35.0.6. The vulnerability arises from loading DLLs from the current working directory without validating origin or integrity, due to insecure DLL loading practices and reliance on relati...

Dell SupportAssist for Home PCs Elevation of Privilege Vulnerability

Dell SupportAssist for Home PCs is a client application for home computers from Dell USA that provides automated, proactive and predictive techniques for troubleshooting and more. An elevation of privilege vulnerability exists in Dell SupportAssist for Home PCs, which arises from improper privile...

Dell SupportAssist for Home PCs 安全漏洞

Dell SupportAssist for Home PCs is a client application for home computers from Dell USA that provides automated, proactive and predictive techniques for troubleshooting and more. An elevation of privilege vulnerability exists in Dell SupportAssist for Home PCs, which arises from improper privile...

CVE-2024-24916

Untrusted DLLs in the installer's directory may be loaded and executed, leading to potentially arbitrary code execution with the installer's privileges admin...

CVE-2024-24916 DLL-HiJacking

Untrusted DLLs in the installer's directory may be loaded and executed, leading to potentially arbitrary code execution with the installer's privileges admin...

CVE-2024-24916

CVE-2024-24916 concerns DLL hijacking in the installer for Check Point SmartConsole. The vulnerability stems from untrusted DLLs in the installer’s directory that can be loaded via the Windows DLL search order, potentially allowing arbitrary code execution with installer privileges (admin). Affec...

Check Point SmartConsole 安全漏洞

Check Point SmartConsole is a graphical user interface for centralized management of Check Point security products from Check Point Israel. A security vulnerability exists in Check Point SmartConsole versions R81.10 and R81.20 that originates from an untrusted DLL in the installer directory that...

CVE-2019-5931

Cybozu Garoon 4.0.0 to 4.6.3 allows authenticated attackers to alter the information with privileges invoking the installer via unspecified vectors...

Trend Micro Apex One 缓冲区错误漏洞

Trend Micro Apex One is an endpoint protection software from Trend Micro. Trend Micro Apex One suffers from a buffer error vulnerability that stems from its Unauthorized Change Prevention service that allows a local attacker to elevate the privileges of the affected installer...

Trend Micro Apex One 安全漏洞

Trend Micro Apex One is an endpoint protection software from Trend Micro. A security vulnerability exists in Trend Micro Apex One that stems from its Apex One service mishandling an exception condition allowing a local attacker to escalate the privileges of the installer...