30 matches found
RDPGuard 9.9.9 - Privilege Escalation
Exploit Title: RDPGuard 9.9.9 - Privilege Escalation Discovered by: Ahmet Ümit BAYRAM Discovered Date: 09.05.2025 Vendor Homepage: https://rdpguard.com Software Link: https://rdpguard.com/download.aspx Tested Version: 9.9.9 latest Tested on: Windows 10 32bit Steps to Reproduce 1. Prepare a .bat...
Exploit for CVE-2024-24576
CVE-2024-24576-Poc-Python A quick POC for the vulnerability di...
Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar
winDED Custom exploit for CVE-2023-38831 using python. Int...
PT-2023-30676 · Unknown · Opensupports
Name of the Vulnerable Software and Affected Versions: OpenSupports version 4.11.0 Description: The issue allows an attacker to bypass security restrictions and upload a .bat file by manipulating the file's magic bytes to masquerade as an allowed type in the comment function. This can enable the...
The vulnerability of clients for conducting real-time audio and video conferences via Zoom Client for Meetings for Windows allows a perpetrator to compromise the integrity of protected information.
The vulnerability of clients for conducting real-time audio and video conferences using the Zoom Client for Meetings for Windows involves an improper verification of the cryptographic signature. Exploiting this vulnerability can allow attackers to compromise the integrity of the protected...
Email-Worm.Win32.Lama Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/1c255ef6fd44877700867f94a59875d2.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Email-Worm.Win32.Lama Vulnerability: Insecure Permissions Description: The malware writes a ".BAT"...
PublicCMS has an unspecified vulnerability
PublicCMS is an open source content management system CMS written in Java from PublicCMS, China. publicCMS v4.0 contains a security vulnerability that stems from a problem in the BAT file parameters. An attacker can exploit this vulnerability to execute arbitrary code...
CVE-2021-40881
An issue in the BAT file parameters of PublicCMS v4.0 allows attackers to execute arbitrary code...
CVE-2021-40881
An issue in the BAT file parameters of PublicCMS v4.0 allows attackers to execute arbitrary code...
Code injection
An issue in the BAT file parameters of PublicCMS v4.0 allows attackers to execute arbitrary code...
CVE-2021-40881
Technical details for CVE-2021-40881 are not publicly available in the provided documents; monitor for updates.
CVE-2021-40881
An issue in the BAT file parameters of PublicCMS v4.0 allows attackers to execute arbitrary code...
PublicCMS 安全漏洞
PublicCMS is an open source content management system CMS written in Java from PublicCMS, China. publicCMS v4.0 contains a security vulnerability that stems from a problem in the BAT file parameters. An attacker can exploit this vulnerability to execute arbitrary code...
TrickBot Adds ActiveX Control, Hides Dropper in Images
The TrickBot banking trojan has gotten trickier, with the addition of a Windows 10 ActiveX control to execute malicious macros in boobytrapped documents. Michael Gorelik, researcher at Morphisec Labs, said that at least two dozen documents have come to light in the last few weeks that use ActiveX...
CVE-2019-8454
CVE-2019-8454 concerns the Check Point Endpoint Security client for Windows pre-E80.96. A local attacker can create a hard-link between a file the client writes to and another BAT file, then impersonate the WPAD server to inject BAT commands into that file. Those commands may later execute under ...
CVE-2019-8454
A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the user or the syste...
SANNY Malware Delivery Method Updated in Recently Observed Attacks
Introduction In the third week of March 2018, through FireEye’s Dynamic Threat Intelligence, FireEye discovered malicious macro-based Microsoft Word documents distributing SANNY malware to multiple governments worldwide. Each malicious document lure was crafted in regard to relevant regional...
SANNY Malware Delivery Method Updated in Recently Observed Attacks
Introduction In the third week of March 2018, through FireEye’s Dynamic Threat Intelligence, FireEye discovered malicious macro-based Microsoft Word documents distributing SANNY malware to multiple governments worldwide. Each malicious document lure was crafted in regard to relevant regional...
200 Million WhatsApp Users Vulnerable to vCard Vulnerability
WhatsApp recently claimed to have hit 900 Million monthly active users, but a dangerous security flaw in the web version of the popular instant messaging app puts up to 200 Million of its users at risk. Yes, the web-based extension of WhatsApp is vulnerable to an exploit that could allow hackers ...
EMC Documentum xCelerated Management System information disclosure
Service password is stored in .bat file...