49 matches found
CVE-2026-34596
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a Time-of-Check-to-Time-of-Use TOCTOU race condition exists during addon installation. When a user installs an addon through the SandMan interface, UpdUtil.exe is spawned as SYSTEM by...
SUSE CVE-2026-39853
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.12, A stack buffer overflow vulnerability exists in osslsigncode in several signature verification paths. During verification of a PKCS7 signature, the code copies the digest value from a parsed...
EUVD-2000-0328
Malware in sbrugna...
EUVD-2012-1470
Malware in sbrugna...
EUVD-2004-0914
Malware in sbrugna...
CVE-2020-1300
A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files.To exploit the vulnerability, an attacker would have to convince a user to either open a specially crafted cabinet file or spoof a network printer and trick a user into installing a maliciou...
CVE-2023-51603
Honeywell Saia PG5 Controls Suite CAB File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerabili...
CVE-2023-37646
An issue in the CAB file extraction function of Bitberry File Opener v23.0 allows attackers to execute a directory traversal...
Bitberry File Opener Path Traversal Vulnerability
Bitberry File Opener is a free file opening tool from Bitberry. The main purpose of this tool is to allow users to easily open, view, and work with a variety of different file types without having to install and run several different applications. A security vulnerability exists in Bitberry File...
SUSE CVE-2005-1923
The ENSUREBITS macro in mszipd.c for Clam AntiVirus ClamAV 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service CPU consumption by infinite loop via a cabinet CAB file with the cffileFolderOffset field set to 0xff, which causes a zero-length read...
SUSE CVE-2007-6336
Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file...
SUSE CVE-2016-10350
The archivereadformatcabreadheader function in archivereadsupportformatcab.c in libarchive 3.2.2 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file...
Cybercriminals Using Polyglot Files in Malware Distribution to Fly Under the Radar
Remote access trojans such as StrRAT and Ratty are being distributed as a combination of polyglot and malicious Java archive JAR files, once again highlighting how threat actors are continuously finding new ways to fly under the radar. "Attackers now use the polyglot technique to confuse security...
Check Point Identity Agent Arbitrary File Write Vulnerability
Check Point Identity Agent Arbitrary File Write Vulnerability Description =========== The Check Point Identity Agent allows low privileged users to write files to protected locations of the file system. Details ======= Advisory ID: usd-2021-0005 Product: Check Point Identity Agent Affected Versio...
Check Point Identity Agent Arbitrary File Write
Advisory: Privileged File Write Description =========== The Check Point Identity Agent allows low privileged users to write files to protected locations of the file system. Details ======= Advisory ID: usd-2021-0005 Product: Check Point Identity Agent Affected Version: R81.018.0000 Vulnerability...
CVE-2020-10126
NCR SelfServ ATMs running APTRA XFS 05.01.00 do not properly validate softare updates for the bunch note acceptor BNA, enabling an attacker with physical access to internal ATM components to restart the host computer and execute arbitrary code with SYSTEM privileges because while booting, the...
Microsoft Windows and Windows Server Remote Code Execution Vulnerability (CNVD-2021-29544)
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. A remote code execution vulnerability exists in Microsoft Windows and Windows Server, whic...
Low: Red Hat Security Advisory: libmspack security and bug fix update
An update for libmspack is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
CentOS 7 : libmspack (CESA-2019:2049)
An update for libmspack is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
PT-2019-3028 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: A security feature bypass exists when Windows incorrectly validates CAB file signatures, allowing an attacker to inject code into a CAB file without invalidating the file's signature. To...