PT-2026-24423

Name of the Vulnerable Software and Affected Versions Zoom Workplace for Windows versions prior to 6.6.0 Description The issue involves external control of the file name or path within the Mail feature. This can allow an unauthenticated user to escalate privileges through network access. The...

CVE-2025-13634

Inappropriate implementation in Downloads in Google Chrome on Windows prior to 143.0.7499.41 allowed a local attacker to bypass mark of the web via a crafted HTML page. Chromium security severity: Medium...

Elastic Defend 安全漏洞

Elastic Defend is an application from the Dutch company Elastic. It provides prevention, detection and response capabilities, as well as deep visibility into EPP, EDR, SIEM and security analytics. A security vulnerability exists in Elastic Defend that stems from improperly saved permissions on a...

EUVD-2019-19211

Malware in sbrugna...

EUVD-2023-38686

Malicious code in bioql PyPI...

SUSE CVE-2025-11212

Inappropriate implementation in Media in Google Chrome on Windows prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...

PT-2025-30264 · Eslint +1 · @Eslint/Plugin-Kit +1

Name of the Vulnerable Software and Affected Versions: yt-dlp versions 2025.06.25 and below Description: yt-dlp is a command-line audio/video downloader. A flaw exists where, on Windows, using the --exec option with the default placeholder or results in insufficient sanitization of the expanded...

WhatsApp for Windows Flaw Could Let Hackers Sneak In Malicious Files

If you use WhatsApp Desktop on Windows, listen up! A flaw in WhatsApp for Windows CVE-2025-30401 let attackers disguise malicious files as safe ones. Update to version 2.2450.6 or later to stay secure...

11 Nation-State Hackers Exploit Unpatched Windows Flaw Since 2017

Microsoft refuses to patch serious Windows shortcut vulnerability abused in global espionage campaigns!...

Design/Logic Flaw

ripgrep before 13 on Windows allows attackers to trigger execution of arbitrary programs from the current working directory via the -z/--search-zip or --pre flag...

CVE-2019-9855

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on...

The vulnerability of the Microsoft JET Database Engine database driver on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft JET Database Engine database driver for the Windows operating system exists due to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...

CVE-2017-13791

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote...

August 15, 2017 – Morning Cyber Coffee Headlines – “Cats” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! August 15, 2017 - Headlines How Cybersecurity Became 2017’s Hot New Major - The...

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the OLE component in the Windows operating system is related to access control deficiencies. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted file...

The vulnerability of the Windows operating system allows a hacker to execute arbitrary code in the context of the current user.

The vulnerability of the Windows operating system exists due to incorrect handling of the event log file. The vulnerability can be exploited by opening the event log file created by the attacker. As a result of exploiting this vulnerability, an attacker who operates remotely can execute arbitrary...

Flash, Reader, Firefox and IE All Fall On First Day of Pwn2Own

Four different research teams on Wednesday cracked four products–Adobe Flash, Reader, Mozilla Firefox, and Microsoft Internet Explorer—and collectively earned a payout of $317,000 on the first day of Pwn2Own 2015. The annual hacking contest, which kicked off Wednesday in Vancouver, runs...

Intel CPU Vulnerability can provide control of your system to attacker

Intel CPU Vulnerability can provide control of your system to attacker The U.S. Computer Emergency Readiness Team US-CERT has disclosed a flaw in Intel chips that could allow hackers to gain control of Windows and other operating systems. The flaw has already been exploited on 64-bit versions of...

Microsoft Patches Windows Flaw Exploited by Duqu

Microsoft on Tuesday released 13 security bulletins, including three for critical flaws in Windows Media and in the Windows kernel-mode drivers. The company had planned on releasing 14 bulletins in December’s Patch Tuesday shipment, but officials said that one of the planned fixes was causing a...

Microsoft to Issue Emergency Patch for Critical Windows Flaw

Microsoft will issue an out-of-band patch on Monday for a critical vulnerability in all of the current versions of Windows. The company didn’t identify which flaw it will be patching, but the description of the vulnerability is a close match to the LNK flaw that attackers have been exploiting for...