89 matches found
WhatsApp on Windows users targeted in new campaign, warns Microsoft
Microsoft researchers found a campaign that abuses WhatsApp attachments to sneak a script onto Windows machines which will lead to the attacker gaining remote control. WhatsApp offers a desktop application for Windows and macOS, which users can synchronize with their mobile devices. Desktop...
RustDesk 安全漏洞
RustDesk is a remote access and control software developed by RustDesk personal developers. It is primarily written in Rust and can be used to maintain computers and other devices remotely. Versions of RustDesk 1.4.5 and earlier contain security vulnerabilities, which stem from permission abuse...
RustDesk 安全漏洞
RustDesk is a remote access and control software developed by RustDesk personal developers. It is primarily written in Rust and can be used to maintain computers and other devices remotely. Versions of RustDesk 1.4.5 and earlier contain security vulnerabilities, which stem from improper certifica...
EUVD-2005-4446
Malware in sbrugna...
EUVD-2007-4766
Malware in sbrugna...
EUVD-2019-5955
Malware in sbrugna...
EUVD-2021-7039
Malicious code in bioql PyPI...
EUVD-2022-34605
Malicious code in bioql PyPI...
EUVD-2025-8849
Malicious code in bioql PyPI...
CVE-2025-53902
Tuleap exposes confidential artifact information to unauthorized users via email notifications. CVE-2025-53902 affects Tuleap Community Edition <16.9.99.1752585665 and Tuleap Enterprise Edition <16.8-6 and
GHSA-3R3J-4VRW-884J files-bucket-server vulnerable to Directory Traversal
All versions of the package files-bucket-server are vulnerable to Directory Traversal, where an attacker can traverse the file system and access files outside of the intended directory...
SonicWall SMA 100 Series 跨站脚本漏洞
SonicWall SMA 100 Series is a series of remote access software from SonicWall Corporation. A cross-site scripting vulnerability exists in SonicWall SMA 100 Series that originates from reflective cross-site scripting and could lead to arbitrary JavaScript code execution...
The vulnerability of the RemotePC software for providing remote access lies in its insecure management of privileges, allowing attackers to escalate their privileges.
The vulnerability of the RemotePC remote access software is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root level...
CVE-2025-24331
The Single RAN baseband OAM service is intended to run as an unprivileged service. However, it initially starts with root privileges and assigns certain capabilities before dropping to an unprivileged level. The capabilities retained from the root period are considered extensive after the privile...
CVE-2025-6273
A vulnerability was found in WebAssembly wabt up to 1.0.37 and classified as problematic. This issue affects the function LogOpcode of the file src/binary-reader-objdump.cc. The manipulation leads to reachable assertion. Local access is required to approach this attack. The exploit has been...
ConnectWise ScreenConnect < 25.2.4 RCE
According to its version, the ConnectWise ScreenConnect remote access software installed on the remote host is prior to 25.2.4. It is, therefore affected by a remote code execution vulnerability: - ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection...
CVE-2022-24906
Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud, similar to Trello. The full path of the application is exposed to unauthorized users. It is recommended that the Nextcloud Deck app is upgraded to 1.2.11, 1.4.6, or 1.5.4. There is no workaround available...
GHSA-X8PV-FGXP-8V3X TYPO3 Allows Information Disclosure via DBAL Restriction Handling
Problem When performing a database query involving multiple tables through the database abstraction layer DBAL, frontend user permissions are only applied via FrontendGroupRestriction to the last table. As a result, data from additional tables included in the same query may be unintentionally...
CVE-2025-40114 iio: light: Add check for array bounds in veml6075_read_int_time_ms
In the Linux kernel, the following vulnerability has been resolved: iio: light: Add check for array bounds in veml6075readinttimems The array contains only 5 elements, but the index calculated by veml6075readinttimeindex can range from 0 to 7, which could lead to out-of-bounds access. The check...
CVE-2025-0128
A denial-of-service DoS vulnerability in the Simple Certificate Enrollment Protocol SCEP authentication feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes t...