EUVD-2019-2739

Malware in sbrugna...

EUVD-2017-15502

Malware in sbrugna...

EUVD-1999-1507

Malware in sbrugna...

EUVD-2019-7826

Malware in sbrugna...

CVE-2019-17435

A Local Privilege Escalation vulnerability exists in the GlobalProtect Agent for Windows 5.0.3 and earlier, and GlobalProtect Agent for Windows 4.1.12 and earlier, in which the auto-update feature can allow for modification of a GlobalProtect Agent MSI installer package on disk before installatio...

JVN#48057522: Inkdrop vulnerable to code injection

Inkdrop provided by Takuya Matsuyama is a Markdown editor. Inkdrop contains a code injection vulnerability CWE-94. Impact If a specially crafted markdown file is opened using the product, arbitrary code may be executed. Solution Update the Software The developer states that Inkdrop has an...

Tobesoft Nexacro数据伪造问题漏洞

Tobesoft Nexacro is a unified framework-based OSMU single-source multi-purpose application development solution from Tobesoft Korea. A security vulnerability previously existed in Nexacro version 17 17.1.3.700, which stemmed from the automatic update feature not validating input data other than...

Cybercriminals Have a Heyday with WinRAR Bug in Fresh Campaigns

A recently discovered vulnerability in the WinRAR file archival utility has been exploited in a slew of new campaigns, including one with a never-before-seen payload. The flurry of activity shows no sign of waning as cybercriminals continue to find success exploiting the bug. The campaigns take...

Patched WinRAR Bug Still Under Active Attack—Thanks to No Auto-Updates

Various cyber criminal groups and individual hackers are still exploiting a recently patched critical code execution vulnerability in WinRAR, a popular Windows file compression application with 500 million users worldwide. Why? Because the WinRAR software doesn't have an auto-update feature, whic...