1340 matches found
Malicious code in noblox.ts-core (npm)
This package is considered malicious because it contains a heavily obfuscated postinstall.js script with multiple stages of payload execution, resulting in the delivery of QuasarRAT. This allows command and control by a malicious actor. --- -= Per source details. Do not edit below this line.=-...
Malicious code in discord-api-ts (npm)
This package is considered malicious because it contains a heavily obfuscated postinstall.js script with multiple stages of payload execution, resulting in the delivery of QuasarRAT. This allows command and control by a malicious actor. --- -= Per source details. Do not edit below this line.=-...
Malicious code in noblox-cores-ts (npm)
This package is considered malicious because it contains a heavily obfuscated postinstall.js script with multiple stages of payload execution, resulting in the delivery of QuasarRAT. This allows command and control by a malicious actor. --- -= Per source details. Do not edit below this line.=-...
Malicious code in noblox-core-ts (npm)
This package is considered malicious because it contains a heavily obfuscated postinstall.js script with multiple stages of payload execution, resulting in the delivery of QuasarRAT. This allows command and control by a malicious actor...
Malicious code in noblox-ts (npm)
This package is considered malicious because it contains a heavily obfuscated postinstall.js script with multiple stages of payload execution, resulting in the delivery of QuasarRAT. This allows command and control by a malicious actor. --- -= Per source details. Do not edit below this line.=-...
RHEL 6 : dovecot (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dovecot: Buffer overflow in indexer-worker process results in privilege escalation CVE-2019-7524 - A...
CVE-2024-27301
Support App is an opensource application specialized in managing Apple devices. It's possible to abuse a vulnerability inside the postinstall installer script to make the installer execute arbitrary code as root. The cause of the vulnerability is the fact that the shebang !/bin/zsh is being used...
CVE-2024-27301 Privilege Escalation Abusing installer in SupportApp
Support App is an opensource application specialized in managing Apple devices. It's possible to abuse a vulnerability inside the postinstall installer script to make the installer execute arbitrary code as root. The cause of the vulnerability is the fact that the shebang !/bin/zsh is being used...
CVE-2024-27301 Privilege Escalation Abusing installer in SupportApp
Support App is an opensource application specialized in managing Apple devices. It's possible to abuse a vulnerability inside the postinstall installer script to make the installer execute arbitrary code as root. The cause of the vulnerability is the fact that the shebang !/bin/zsh is being used...
PT-2024-21805
Name of the Vulnerable Software and Affected Versions Support App versions prior to 2.5.1 Rev 2 Description The issue is related to the postinstall installer script, which can be abused to execute arbitrary code as root due to the use of the shebang !/bin/zsh. When the installer is executed, it...
SUSE CVE-2016-4983
A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files...
Malicious code in testing-postinstall (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 92117c1864ea6df0bfd00f9d5f2f45cd011b75117f4ba545096788dcc75c0a57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-856 Malicious code in testing-postinstall (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 92117c1864ea6df0bfd00f9d5f2f45cd011b75117f4ba545096788dcc75c0a57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Gentoo 安全漏洞
Gentoo is an open source Linux system from the Gentoo Foundation. A security vulnerability exists in Gentoo logcheck-1.3.23.ebuild and earlier versions, which originates from an attacker being able to perform a root privilege elevation via "chown -R" in pkgpostinst...
Malicious code in postinstall-dummy (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 652042e2c25b6583777de6cdf0e4beeaaa9bb3e1a1114ca94840dae3e7a4715d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5429 Malicious code in postinstall-dummy (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 652042e2c25b6583777de6cdf0e4beeaaa9bb3e1a1114ca94840dae3e7a4715d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PT-2022-18679 · Automox · Automox Agent For Macos
Name of the Vulnerable Software and Affected Versions: Automox Agent for macOS versions prior to 39 Automox Agent for macOS versions prior to 37 Description: The issue is related to a time-of-check/time-of-use TOCTOU race-condition attack that can occur during the agent install process. It also...
Automox Alive Automox Agent 安全漏洞
Automox is a cloud-based tool from US-based Automox Inc. It can fully automate the patch repair process in Windows, macOS, Linux and third-party software including Adobe, Firefox, Chrome and Windows. A security vulnerability exists in Automox Alive Automox Agent that originates from allowing an...
USN-5259-3 cron regression
USN-5259-1 and USN-5259-2 fixed vulnerabilities in Cron. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the postinst maintainer script in Cron unsafely...
Solaris 10 (sparc) : 119783-47
Vulnerability in the Solaris component of Oracle Sun Products Suite subcomponent: Bind/Postinstall script for Bind package. The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component o...