MAL-2026-3773 Malicious code in sysbin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ab8ea4ce073a93a1973a062ac7661ceeaea9c312f9fd67e9acda9936e2b6578 Package metadata advertises sysbin as a 'System binary configuration tool' but the tarball ships pointer.py, a stealth overlay that runs automaticall...

Malicious code in timermcp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a3fb8935c61e214bb5bdfe858c15d8d00fce16ae5a8ee00d88af7c1aa363e656 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

MAL-2026-3226 Malicious code in timesmcp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 85630b024b2eb06c5002dd3ac72fa8bf4733f08d34de10bf0eca0851bf2d9f86 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

CVE-2025-66264 Unquoted Service path in UPSilon2000V6.0 SYSTEM privilege service

The CMService.exe service runs with SYSTEM privileges and contains an unquoted service path. This allows a local attacker with write privileges to the filesystem to insert a malicious executable in the path, leading to privilege escalation...

G Data 安全漏洞

G Data is an antivirus software from the German company G Data. A security vulnerability exists in G Data that stems from improper privilege assignment in auto-start task handling, which could allow a local attacker to elevate privileges and execute arbitrary code as SYSTEM...

March 28, 2022—KB5011563 (OS Build 22000.593) Preview

March 28, 2022—KB5011563 OS Build 22000.593 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11 original release, see its update history page.Note Follow @WindowsUpdate to...

Cain & Abel 4.9.56 - Unquoted Service Path Vulnerability

Exploit Title: Cain & Abel 4.9.56 - Unquoted Service Path Exploit Author: Aryan Chehreghani Software Link: https://www.malavida.com/en/soft/cain-and-abel Version: 4.9.56 Tested on: Windows 10 x64 PoC SERVICENAME: Abel TYPE : 110 WIN32OWNPROCESS interactive STARTTYPE : 2 AUTOSTART ERRORCONTROL : 1...

Security update for barrier (moderate)

openSUSE Security Update: Security update for barrier Announcement ID: openSUSE-SU-2021:1498-1 Rating: moderate References: Cross-References: CVE-2021-42072 CVE-2021-42073 Affected Products: openSUSE Leap 15.2 An update that fixes two vulnerabilities is now available. Description: This update for...

VX Search 13.5.28 Unquoted Service Path

Exploit Title: VX Search 13.5.28 - 'Multiple' Unquoted Service Path Discovery by: Brian Rodriguez Date: 16-06-2021 Vendor Homepage: https://www.vxsearch.com Software Links: https://www.vxsearch.com/setupsx64/vxsearchsrvsetupv13.5.28x64.exe...

MEMU PLAY 3.7.0 - 'MEmusvc' Unquoted Service Path

Exploit Title: MEMU PLAY 3.7.0 - 'MEmusvc' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2020-11-07 Vendor : Microvirt Version : Microvirt MEMU 3.7.0 Vendor Homepage : https://www.memuplay.com/ Tested on OS: Windows 10 Home Analyze PoC : ============== C:\Users\Sam Sanzsc qc...

Iskysoft Application Framework Service 2.4.3.241 - (IsAppService) Unquoted Service Path Vulnerabilit

Exploit Title: Iskysoft Application Framework Service 2.4.3.241 - 'IsAppService' Unquoted Service Path Discovery by: Alejandro Reyes Vendor Homepage: https://www.iskysoft.us Software Link : https://www.iskysoft.us/lp/filmora-video-editor/?gclid=EAIaIQobChMIo-WL-Z6h5wIVwR0YCh3O7QYsEAAYAiAAEgJmDBwE...

BOOTP Turbo 2.0.1214 Unquoted Service Path

Exploit Title: BOOTP Turbo 2.0.1214 - 'BOOTP Turbo' Unquoted Service Path Exploit Author: boku Date: 2020-02-10 Vendor Homepage: https://www.weird-solutions.com Software Link: https://www.weird-solutions.com/download/products/bootptdemoIA32.exe Version: 2.0.1214 Tested On: Windows 10 32-bit...

Design/Logic Flaw

An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that will be used with auto start. This allows an attacker to execute arbitrary commands on the server...

Easy-Hide-IP 5.0.0.3 - (EasyRedirect) Unquoted Service Path Vulnerability

Exploit Title: Easy-Hide-IP 5.0.0.3 - 'EasyRedirect' Unquoted Service Path Exploit Author: Rene Cortes S Vendor Homepage: https://easy-hide-ip.com Software Link: https://easy-hide-ip.com Version: 5.0.0.3 Tested on: Windows 7 Professional Service Pack 1 Step to discover the unquoted Service:...

Alps HID Monitor Service 8.1.0.10 - (ApHidMonitorService) Unquote Service Path Vulnerability

Exploit Title: Alps HID Monitor Service 8.1.0.10 - 'ApHidMonitorService' Unquote Service Path Exploit Author: Héctor Gabriel Chimecatl Hernández Vendor Homepage: https://www.alps.com/e/ Software Link: https://www.alps.com/e/ Version: 8.1.0.10 Tested on: Windows 10 Home Single Language x64 Esp Ste...

Rockwell Automation Micrologix 1400 <= 21.2 Fault Bits Exploit

Binary data 720224.prm...

Wave of Java-Based RATs Target Tax Filers

Spammers are spreading Java-based remote access Trojans, known as jRATs, targeting tax filers with attachments named “IRS Updates.jar” and “ImportantPDF.jar” that, if executed, give attackers access to compromised endpoints. Zscaler, which is tracking the jRATs, believes some of the campaigns cou...

NO-IP DUC v4.1.1 Unquoted Service Path Privilege Escalation Exploit

Exploit Title : NO-IPprivilegescalation.rb - 'Unquoted Service Path Privilege Escalation' PDF Version : 4.1.1 vuln Discover : Ehsan Hosseini Module Author : pedr0 Ubuntu r00t-3xp10it Tested on : Windows 7 Professional Software Link : http://www.noip.com/client/DUCSetupv411.exe DESCRIPTION NO-IP D...

PDF Complete Office Edition 4.1.12 - Unquoted Service Path Privilege Escalation Exploit

Exploit Title : PDFcompletecorporateedition.rb - 'Unquoted Service Path Privilege Escalation' PDF Version : 4.1.12 vuln Discover : Joey Lane Module Author : pedr0 Ubuntu r00t-3xp10it Tested on : Windows 7 Professional Software Link : http://www.pdfcomplete.com/cms/Downloads.aspx "This was tested ...

Kovter becomes almost file-less, creates a new file type, and gets some new certificates

Trojan:Win32/Kovter is a well-known click-fraud malware which is challenging to detect and remove because of its file-less persistence on infected PCs. In this blog, we will share some technical details about the latest changes we have seen in Kovter’s persistence method and some updates on their...