CVE-2026-8148

NAVER MYBOX Explorer for Windows before 3.0.11.160 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM via registry manipulation due to improper privilege checks...

EUVD-2026-28530

NAVER MYBOX Explorer for Windows before 3.0.11.160 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM via registry manipulation due to improper privilege checks...

CVE-2026-8148

NAVER MYBOX Explorer for Windows before 3.0.11.160 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM via registry manipulation due to improper privilege checks...

CVE-2026-8148

NAVER MYBOX Explorer for Windows before 3.0.11.160 is affected by a local privilege escalation vulnerability. The root cause is improper privilege checks that permit a local attacker to manipulate the registry to gain NT AUTHORITY\SYSTEM privileges. The CVE entry for CVE-2026-8148 documents a HIG...

CVE-2026-8148

NAVER MYBOX Explorer for Windows before 3.0.11.160 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM via registry manipulation due to improper privilege checks...

CVE-2026-8148

NAVER MYBOX Explorer for Windows before 3.0.11.160 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM via registry manipulation due to improper privilege checks...

PT-2026-38666

Name of the Vulnerable Software and Affected Versions NAVER MYBOX Explorer for Windows versions prior to 3.0.11.160 Description Improper privilege checks allow a local attacker to escalate privileges to NT AUTHORITYSYSTEM through registry manipulation. Recommendations Update to version 3.0.11.160...

CVE-2021-22037

Under certain circumstances, when manipulating the Windows registry, InstallBuilder uses the reg.exe system command. The full path to the command is not enforced, which results in a search in the search path until a binary can be identified. This makes the installer/uninstaller vulnerable to Path...

EUVD-2025-197605

Authorization Bypass Through User-Controlled Key, Weak Password Recovery Mechanism for Forgotten Password, Authentication Bypass by Assumed-Immutable Data vulnerability in Optimus Software Brokerage Automation allows Exploiting Trust in Client, Authentication Bypass, Manipulate Registry...

CVE-2025-8855

Authorization Bypass Through User-Controlled Key, Weak Password Recovery Mechanism for Forgotten Password, Authentication Bypass by Assumed-Immutable Data vulnerability in Optimus Software Brokerage Automation allows Exploiting Trust in Client, Authentication Bypass, Manipulate Registry...

CVE-2025-8855 2FA Expiry Bypass in Optimus Software's Brokerage Automation

Authorization Bypass Through User-Controlled Key, Weak Password Recovery Mechanism for Forgotten Password, Authentication Bypass by Assumed-Immutable Data vulnerability in Optimus Software Brokerage Automation allows Exploiting Trust in Client, Authentication Bypass, Manipulate Registry...

CVE-2025-8855

Authorization Bypass Through User-Controlled Key, Weak Password Recovery Mechanism for Forgotten Password, Authentication Bypass by Assumed-Immutable Data vulnerability in Optimus Software Brokerage Automation allows Exploiting Trust in Client, Authentication Bypass, Manipulate Registry...

CVE-2025-8855 2FA Expiry Bypass in Optimus Software's Brokerage Automation

Authorization Bypass Through User-Controlled Key, Weak Password Recovery Mechanism for Forgotten Password, Authentication Bypass by Assumed-Immutable Data vulnerability in Optimus Software Brokerage Automation allows Exploiting Trust in Client, Authentication Bypass, Manipulate Registry...

CVE-2025-8855

Optimus Software Brokerage Automation before version 1.1.71 is affected by multiple auth-related issues: Authorization Bypass Through User-Controlled Key, Weak Password Recovery Mechanism for Forgotten Password, and Authentication Bypass by Assumed-Immutable Data. These flaws enable exploitation ...

Optimus Brokerage Automation 授权问题漏洞

Optimus Brokerage Automation is an automation management software from Optimus, Turkey. An authorization issue vulnerability exists in Optimus Brokerage Automation versions prior to 1.1.71 that stems from an authorization bypass and weak password recovery mechanism issue that could lead to...

Malicious code in wibowo-kue2-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac43ce9eb0c6e3234d251b6922fd6460f3c49022b50f45fa7a83fbe51f6a993e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-104457 Malicious code in iwan-lepet90-ruro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd2e600c722751ca22620558a5a6c42fa56d8e12e1660b9dee4c67a109d89b8b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-84499 Malicious code in dewi-kue25-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8127d4845b35626d27fe97ba07ce30f447726eb202f81b42fa9a552e55f1cc06 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2021-9206

Malicious code in bioql PyPI...

CVE-2022-25623

The Symantec Management Agent is susceptible to a privilege escalation vulnerability. A low privilege local account can be elevated to the SYSTEM level through registry manipulations...