EEF-CVE-2026-32148 Lockfile checksums not verified in Hex allows dependency integrity bypass

Summary Insufficient Verification of Data Authenticity vulnerability in hexpm hex Hex.RemoteConverger module allows dependency integrity bypass via unverified lockfile checksums. Hex stores checksums for dependencies in the mix.lock file to ensure reproducible and integrity-checked builds. Howeve...

Malicious code in loopback-firebase-postgres-luna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2789696425e4ec276c93faea29470a11265e41a4117bcdbc14f88a208240a63e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in rina-wajit82-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d632b52eebd12f4e178bb43da80901bb70e683a33cc2b8c4fb857c22131645ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-37347

Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration...

CVE-2025-4952

Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration...

CVE-2025-4952

CVE-2025-4952 involves tampering with registry entries that could prevent ESET security products for Windows from starting on the next system startup or allow unauthorized changes to the product configuration. Connected documents corroborate the registry-tampering theme affecting ESET products, b...

CVE-2025-4952 Denial-of-service vulnerability in ESET security products for Windows

Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration...

CVE-2025-4952 Denial-of-service vulnerability in ESET security products for Windows

Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration...

PT-2025-44622

Name of the Vulnerable Software and Affected Versions ESET security products for Windows affected versions not specified Description Tampering with registry entries could prevent ESET security products from starting correctly upon the next system startup or result in unauthorized changes to the...

ESET NOD32 Antivirus 安全漏洞

ESET NOD32 Antivirus is an antivirus program from ESET. A security vulnerability exists in ESET NOD32 Antivirus that originates from a possible tampering with registry entries, which could cause the security product to fail to start correctly or the configuration to be changed without authorizati...

CVE-2024-47560

CVE-2024-47560 affects RevoWorks Cloud Client 3.0.91 and earlier. The issue is an incorrect authorization vulnerability that can allow execution of unintended processes inside the sandbox environment. The sandbox may leak information externally or have its behavior tampered via registry manipulat...

CVE-2024-47560

RevoWorks Cloud Client 3.0.91 and earlier contains an incorrect authorization vulnerability. If this vulnerability is exploited, unintended processes may be executed in the sandbox environment. Even if malware is executed in the sandbox environment, it does not compromise the client's local...

RevoWorks Cloud vulnerable to unintended process execution

Overview RevoWorks Cloud provided by J's Communication Co., Ltd. is software to build a sandbox environment isolated from a client's local environment. In the sandbox environment, the product provides the function enabling execution of web browsers and detection and blocking of unauthorized...

PT-2024-32660 · Revoworks · Revoworks Cloud Client

Name of the Vulnerable Software and Affected Versions: RevoWorks Cloud Client versions 3.0.91 and earlier Description: The issue is related to an incorrect authorization vulnerability. If exploited, it may allow unintended processes to be executed in the sandbox environment. Although the local...

J’s Communication RevoWorks Cloud Client 安全漏洞

J's Communication RevoWorks Cloud Client is a software from J's Communication Japan for building sandboxed environments that are isolated from the customer's local environment. A security vulnerability exists in J's Communication RevoWorks Cloud Client version 3.0.91 and prior versions. An attack...

CVE-2022-27608

Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows is vulnerable to registry key tampering by users with Administrator privileges. This could result in a user disabling anti-tampering mechanisms which would then allow the user to disable Forcepoint One Endpoint and the...

CVE-2022-27608

Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows is vulnerable to registry key tampering by users with Administrator privileges. This could result in a user disabling anti-tampering mechanisms which would then allow the user to disable Forcepoint One Endpoint and the...

Forcepoint One Endpoint安全漏洞

Forcepoint One Endpoint is a data leakage prevention solution from US-based Forcepoint. A security vulnerability exists in Forcepoint One Endpoint for Microsoft Windows prior to version 22.01, which originates from an attacker with administrator privileges tampering with the registry, causing the...

Internet Bug Bounty: The “Malstaller” Attack, global hijacking of any installation process to achieve RCE with elevated privileges, Windows OS (vendor agnostic)

Malstaller is a severe vulnerability that affects the installation process of an unknown number of software including many top-100 download software. The vulnerability affects Windows OS WIN 7 verified vulnerable users and variations of the attack can affect already installed software and native...