31 matches found
CVE-2026-50400
CVE-2026-50400 is a Windows App Installer elevation-of-privilege vulnerability caused by a stack-based buffer overflow. An attacker with local, low-privilege access could exploit this to gain higher privileges on the system. Public sources confirm a local-execution path via Windows App Installer ...
report-anonymizer
🛡️ Report Anonymizer Local LLM anonymizer for penetration-t...
Malicious Package
Overview @sbseg-plugin/qbo-web-app-ui is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Split function. An attacker can cause excessive CPU consumption and resource exhaustion by supplying a malicious APK stream that triggers unbounded gzip inflation. Remediation...
CVE-2024-25621
containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths /var/lib/containerd,...
MAL-2025-48680 Malicious code in env-app (npm)
The package env-app was found to contain malicious code...
Malicious code in cross-app (npm)
The package cross-app was found to contain malicious code...
Malicious code in @tobiasredfield/simple-web-app-package (npm)
The package @tobiasredfield/simple-web-app-package was found to contain malicious code...
MAL-2025-42191 Malicious code in @bugtestester/simple-web-app-package (npm)
The package @bugtestester/simple-web-app-package was found to contain malicious code...
MAL-2025-42963 Malicious code in @tobiasredfield/simple-web-app-package (npm)
The package @tobiasredfield/simple-web-app-package was found to contain malicious code...
CVE-2025-50862
The Lotus Cars Android app com.lotus.carsdomestic.intl 1.2.8 has allowBackup=true set in its manifest, allowing data exfiltration via ADB backup on rooted or debug-enabled devices. This presents a risk of user data exposure...
MAL-2025-33438 Malicious code in sm-app (npm)
The package sm-app was found to contain malicious code...
MAL-2025-17470 Malicious code in config-app (npm)
The package config-app was found to contain malicious code...
Malicious code in root-app (npm)
The package root-app was found to contain malicious code...
MAL-2025-6855 Malicious code in simple-web-app-package (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3c77bf97c7fa506294389252c6bdf8c7918abe5aa4b0cb2956217963d11e33a6 The OpenSSF Package Analysis project identified...
Malicious code in auth0-app (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4bb8364e4a661d732190dea931ee1bd3aedea3c1005b1daa41507601bb281443 Any computer that has this package installed or running should be considered...
The vulnerability of the App Package Installer installation program for Microsoft Windows operating systems allows a perpetrator to increase their privileges.
The vulnerability of the App Package Installer installation program for Microsoft Windows operating systems is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to enhance their privileges...
CVE-2025-21275
Windows App Package Installer Elevation of Privilege Vulnerability...
CVE-2025-21275
Technical details about CVE-2025-21275 (Windows App Package Installer Elevation of Privilege) are not provided in the supplied documents. Public specifics on affected product/version/root cause/impact/fix are not available here; monitor for authoritative updates from Microsoft/CVE records.
CVE-2025-21275 Windows App Package Installer Elevation of Privilege Vulnerability
...