194 matches found
EUVD-2024-27606
Malicious code in bioql PyPI...
EUVD-2022-37804
Malicious code in bioql PyPI...
EUVD-2025-12180
Malicious code in bioql PyPI...
EUVD-2025-17356
Malicious code in bioql PyPI...
EUVD-2023-31138
Malicious code in bioql PyPI...
EUVD-2022-44382
Malicious code in bioql PyPI...
EUVD-2024-47958
Malicious code in bioql PyPI...
EUVD-2022-15645
Malicious code in bioql PyPI...
CVE-2025-27237
In Zabbix Agent and Agent 2 on Windows, the OpenSSL configuration file is loaded from a path writable by low-privileged users, allowing malicious modification and potential local privilege escalation by injecting a DLL...
CVE-2025-27237 DLL injection in Zabbix Agent and Agent 2 via OpenSSL configuration
In Zabbix Agent and Agent 2 on Windows, the OpenSSL configuration file is loaded from a path writable by low-privileged users, allowing malicious modification and potential local privilege escalation by injecting a DLL...
Zabbix Agent 安全漏洞
Zabbix Agent is a component in Zabbix from Zabbix Latvia. A security vulnerability exists in Zabbix Agent that stems from an OpenSSL configuration file load path that can be written by a low-privileged user, potentially resulting in local elevation of privilege...
CVE-2025-8614 NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to...
NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of...
CVE-2025-8069
During the AWS Client VPN client installation on Windows devices, the install process references the C:\usr\local\windows-x8664-openssl-localbuild\ssl directory location to fetch the OpenSSL configuration file. As a result, a non-admin user could place arbitrary code in the configuration file. If...
Amazon AWS Client VPN Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Amazon AWS Client VPN. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-8069
During the AWS Client VPN client installation on Windows devices, the install process references the C:\usr\local\windows-x8664-openssl-localbuild\ssl directory location to fetch the OpenSSL configuration file. As a result, a non-admin user could place arbitrary code in the configuration file. If...
CVE-2025-8069 Local Privilege Escalation Vulnerability in AWS Client VPN Windows Client
During the AWS Client VPN client installation on Windows devices, the install process references the C:\usr\local\windows-x8664-openssl-localbuild\ssl directory location to fetch the OpenSSL configuration file. As a result, a non-admin user could place arbitrary code in the configuration file. If...
Amazon AWS VPN Client 安全漏洞
Amazon AWS VPN Client is a fully managed remote access VPN solution from Amazon.com, Inc. A security vulnerability exists in Amazon AWS VPN Client versions prior to 5.2.2 that originates from referencing an unprotected OpenSSL configuration file during installation, which could lead to arbitrary...
PT-2025-30596 · Openssl +1 · Openssl +1
Name of the Vulnerable Software and Affected Versions: AWS Client VPN versions 4.1.0 through 5.2.1 Description: A high-severity vulnerability exists in AWS Client VPN for Windows that allows local privilege escalation. During the client installation process, the software references the directory...
Trellix Endpoint Security 代码注入漏洞
Trellix Endpoint Security ENS is an endpoint security solution from FireEye Trellix USA. A code injection vulnerability exists in the Trellix Endpoint Security HX Agent that originates from a privileged user being able to create a malicious OpenSSL configuration file that could lead to the loadin...