60 matches found
Malicious code in theme-color-picker (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7a4ba7e8664b9e1d99c4018963a4731d591653d7f2a9b879ba090e7a7f6e7bd Although the package presents itself as a 'theme color picker', package.json identifies the publisher as analysis-chart.io with repository...
MAL-2026-6357 Malicious code in theme-color-picker (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7a4ba7e8664b9e1d99c4018963a4731d591653d7f2a9b879ba090e7a7f6e7bd Although the package presents itself as a 'theme color picker', package.json identifies the publisher as analysis-chart.io with repository...
CVE-2026-25865 Punto Switcher 4.5.0.583 Unquoted Search Path via WinExec
Punto Switcher through 4.5.0.583 contains an unquoted search path element vulnerability that allows local attackers to execute arbitrary code by exploiting the application's call to WinExec without a fully qualified path for RunDll32.exe when invoking shell32.dll ControlRunDLL input.dll. Attacker...
CVE-2025-66576
Remote Keyboard Desktop 1.0.1 enables remote attackers to execute system commands via the rundll32.exe exported function export, allowing unauthenticated code execution...
EUVD-2025-201265
Remote Keyboard Desktop 1.0.1 enables remote attackers to execute system commands via the rundll32.exe exported function export, allowing unauthenticated code execution...
CVE-2025-66576
Remote Keyboard Desktop 1.0.1 enables remote attackers to execute system commands via the rundll32.exe exported function export, allowing unauthenticated code execution...
CVE-2025-66576
Remote Keyboard Desktop 1.0.1 enables remote attackers to execute system commands via the rundll32.exe exported function export, allowing unauthenticated code execution...
CVE-2025-66576
CVE-2025-66576 affects Remote Keyboard Desktop 1.0.1. The vulnerability stems from the rundll32.exe export function named “export,” which allows remote attackers to execute system commands and achieve unauthenticated code execution. Public sources in the provided set reiterate the RCE impact but ...
CVE-2025-66576 Remote Keyboard Desktop 1.0.1 - Remote Code Execution (RCE)
Remote Keyboard Desktop 1.0.1 enables remote attackers to execute system commands via the rundll32.exe exported function export, allowing unauthenticated code execution...
Remotecontrolio Remote Keyboard Desktop 操作系统命令注入漏洞
Remotecontrolio Remote Keyboard Desktop is a remote control application from Remotecontrolio. An operating system command injection vulnerability exists in Remotecontrolio Remote Keyboard Desktop version 1.0.1, which stems from a flaw in the rundll32.exe export function that could lead to...
PT-2025-49152
Name of the Vulnerable Software and Affected Versions Remote Keyboard Desktop version 1.0.1 Description The software allows remote attackers to execute system commands. This is possible through the rundll32.exe exported function export, leading to unauthenticated code execution. Recommendations A...
📄 Microsoft Windows 10 Famille 10.0.19045.5487 (rundll32) Privilege Escalation
Microsoft Windows 10 Famille version 10.0.19045.5487 suffers from a rundll32 related privilege escalation vulnerability. ============================================================================================================================================= | Title : Microsoft Windows 10...
New .NET CAPI Backdoor Targets Russian Auto and E-Commerce Firms via Phishing ZIPs
Cybersecurity researchers have shed light on a new campaign that has likely targeted the Russian automobile and e-commerce sectors with a previously undocumented .NET malware dubbed CAPI Backdoor. According to Seqrite Labs, the attack chain involves distributing phishing emails containing a ZIP...
Microsoft Windows Defender - Detection Mitigation Bypass TrojanWin32Powessere.G
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSDEFENDERTROJAN.WIN32.POWESSERE.GMITIGATIONBYPASSPART3.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows Defender...
Microsoft Windows Defender / Trojan.Win32/Powessere.G - Detection Mitigation Bypass
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSDEFENDERTROJAN.WIN32.POWESSERE.GMITIGATIONBYPASSPART2.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows Defender...
Microsoft Windows Defender / Detection Bypass Part 3
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSDEFENDERTROJAN.WIN32.POWESSERE.GMITIGATIONBYPASSPART3.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows Defender...
Metasploit Weekly Wrap-Up 02/16/2024
New Fetch Payload It has been almost a year since Metasploit released the new fetch payloads and since then, 43 of the 79 exploit modules have had support for fetch payloads. The original payloads supported transferring the second stage over HTTP, HTTPS and FTP. This week, Metasploit has expanded...
SMB Fetch, Windows Meterpreter Shell, Bind TCP Inline (x64)
Fetch and execute an x64 payload from an SMB server. Connect to victim and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/smb/x64/meterpreterbindtcp msf payloadmeterpreterbindtcp show actions ...actions... msf payloadmeterpreterbindtcp set...
SMB Fetch, Windows x64 LoadLibrary Path
Fetch and execute an x64 payload from an SMB server. Load an arbitrary x64 library path Module Options msf use payload/cmd/windows/smb/x64/loadlibrary msf payloadloadlibrary show actions ...actions... msf payloadloadlibrary set ACTION msf payloadloadlibrary show options ...show and set options...
SMB Fetch, Bind TCP Stager (RC4 Stage Encryption, Metasm)
Fetch and execute an x64 payload from an SMB server. Connect back to the attacker Module Options msf use payload/cmd/windows/smb/x64/vncinject/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show options ...show and set options...