Thousands of WordPress Websites Infected with Malware
The malware includes four separate backdoors: Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed. A unique case we haven't seen before. Which introduces another type of attack made possible by abusing websites that don't monitor...
Linux Distros Unpatched Vulnerability : CVE-2014-9235
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple SQL injection vulnerabilities in Zoph aka Zoph Organizes Photos 0.9.1 and earlier allow remote authenticated users to execute arbitrary SQL commands vi...
Mercury MIPC552W Security Vulnerability
Mercury MIPC552W is a webcam from Mercury China. A security vulnerability exists in Mercury MIPC552W v1.0, which stems from a lack of length validation and a buffer overflow vulnerability that could cause the remote target device to crash or execute arbitrary commands...
CVE-2024-55580
An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR. Unprivileged users with network access may be able to execute remote commands that could cause high availability damages, including high integrity and confidentiality risks. This is fixed in November 2024 IR, Ma...
CVE-2025-22611
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.361, the missing authorization allows any authenticated user to escalate his or any other team member's privileges to any role, including the owner role. He's also able t...
PT-2025-3849 · Nec · Aterm Wx3600Hp +1
Name of the Vulnerable Software and Affected Versions: NEC Corporation Aterm WX1500HP versions 1.4.2 and earlier NEC Corporation Aterm WX3600HP versions 1.5.3 and earlier Description: The issue allows an attacker to execute arbitrary OS commands via the network. This can be done through the...
Four-Faith F3x24 and Four-Faith F3x36 Security Vulnerability
The Four-Faith F3x24 and Four-Faith F3x36 are both portable wireless mobile routers from Four-Faith China. A security vulnerability exists in the Four-Faith F3x24 and Four-Faith F3x36. The vulnerability can be exploited to execute arbitrary operating system commands over HTTP while changing the...
Vulnerabilities fixed in Qlik Sense Enterprise for Windows
Qlik has fixed vulnerabilities in Qlik Sense Enterprise for Windows for versions before November 2024 IR. The vulnerabilities are in the way Qlik Sense Enterprise handles network access for non-privileged users. These users can create connection objects that can execute arbitrary EXE files, leadi...
Malicious code in cdp-agentkit-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eca0429e104094162231b21ae70c94d199a4c5c2d25813c0eb807d94d7079973 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PT-2024-35791 · Thinkware · Thinkware Cloud Apk
Name of the Vulnerable Software and Affected Versions: Thinkware Cloud APK version 4.3.46 Description: A hardcoded decryption key in the Thinkware Cloud APK allows attackers to access sensitive data and execute arbitrary commands with elevated privileges. Recommendations: For Thinkware Cloud APK...
The vulnerability of Fortinet FortiClientWindows security devices arises from the improper assignment of permissions to critical resources and incorrect synchronization settings (“Race Condition”). This allows attackers to execute arbitrary commands.
The vulnerability of Fortinet FortiClientWindows protection devices is related to the improper assignment of permissions for critical resources and incorrect synchronization “Race Condition”. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
Malicious code in hmac2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 055915f62eab8a5fe37b7501a3ed565a2aba267bdd69e82acaa13525bacf41a1 The package contains obfuscated code that exfiltrates basic data, and then executes commands delivered from a remote server --- Category: MALICIOUS - The campaign...
Millions of Kia vehicles were vulnerable to remote attacks with just a license plate number
In June of 2024 security researchers uncovered a set of vulnerabilities in the Kia dealer portal that allowed them to remotely take over any Kia vehicle built after 2013—and all they needed was a license plate number. According to the researchers: "These attacks could be executed remotely on any...
Malicious code in assistants-nextjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 49dcd943b6b43273aa613aed19e623aa2ae67153ce323248811b64b441f38364 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PT-2024-31413 · Unknown · Progauge Maglink Lx Console
Name of the Vulnerable Software and Affected Versions: ProGauge MAGLINK LX CONSOLE affected versions not specified Description: A specially crafted POST request to the "ProGauge MAGLINK LX CONSOLE IP sub-menu" can allow a remote attacker to inject arbitrary commands. This issue is being actively...
PT-2024-15290 · Pure Storage · Flasharray +1
Name of the Vulnerable Software and Affected Versions: FlashArray and FlashBlade Purity affected versions not specified Description: A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute arbitrary commands remotely through a specifically crafted SNMP...
Acronis Cyber Infrastructure (ACI) Insecure Default Password Vulnerability
Acronis Cyber Infrastructure (ACI) allows an unauthenticated user to execute commands remotely due to the use of default passwords...
CVE-2024-20296
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit this vulnerability, an attacker would need at least valid Policy Admin credentials on the affected...
CVE-2024-39565
An Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthenticated, network-based attacker to execute remote commands on the target device. While an administrator is logged into a J-Web session or...