CVE-2026-1715

An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to modify arbitrary registry keys with elevated privileges...

CVE-2026-20893

Origin validation error issue exists in Fujitsu Security Solution AuthConductor Client Basic V2 2.0.25.0 and earlier. If this vulnerability is exploited, an attacker who can log in to the Windows system where the affected product is installed may execute arbitrary code with SYSTEM privilege and/o...

CVE-2026-20893

Origin validation error issue exists in Fujitsu Security Solution AuthConductor Client Basic V2 2.0.25.0 and earlier. If this vulnerability is exploited, an attacker who can log in to the Windows system where the affected product is installed may execute arbitrary code with SYSTEM privilege and/o...

Malicious code in nuyar-amair-taqaaibg (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8bd32994998ff139ba6bd9a9aa28233af171cc7a505887e2dab2c5d86faa6c8f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in quarrelsome_quokka_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5230774f81d906260bb406b3a02ade6e62b8a6067dd9ef7d92e8071f58ed9077 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2022-41606

Malicious code in bioql PyPI...

Lenovo Vantage 安全漏洞

Lenovo Vantage is a computer management application from the Chinese company Lenovo Lenovo. The program supports features such as driver updates, device status diagnostics, and computer configuration. A security vulnerability exists in Lenovo Vantage, which stems from improper authentication and...

CVE-2024-40720

The CVE-2024-40720 entry concerns CHANGING Information Technology’s TCBServiSign Windows Version. A specific API fails to properly validate server-side input, enabling unauthenticated, remote attackers to modify the HKEY_CURRENT_USER registry when a user visits a spoofed website and execute arbit...

PT-2024-28999 · Changing Information Technology · Tcbservisign Windows Version

Name of the Vulnerable Software and Affected Versions: TCBServiSign Windows Version from CHANGING Information Technology affected versions not specified Description: The issue concerns improper validation of server-side input in a specific API. This can be exploited by unauthenticated remote...

CVE-2020-8474

Weak Registry permissions in ABB System 800xA Base allow low privileged users to read and modify registry settings related to control system functionality, allowing an authenticated attacker to cause system functions to stop or malfunction...

Veritas Backup Exec Server Remote Registry Access Code Execution - Ver2 (CVE-2005-0771)

A code execution vulnerability has been reported in Veritas Backup Exec Server. Successful exploitation of this vulnerability could allow a remote attacker to modify the registry and execute arbitrary methods via RPC on the affected system...

CVE-2005-2027

Enterasys Vertical Horizon VH-2402S before firmware 2.05.05.09 does not properly restrict certain debugging commands to the ADMIN account, which could allow attackers to obtain sensitive information or modify the registry...