21 matches found
EUVD-2018-1458
Malware in sbrugna...
EUVD-2024-44807
Malicious code in bioql PyPI...
EUVD-2023-36790
Malicious code in bioql PyPI...
CVE-2024-50307
Use of potentially dangerous function issue exists in Chatwork Desktop Application Windows versions prior to 2.9.2. If a user clicks a specially crafted link in the application, an arbitrary file may be downloaded from an external website and executed. As a result, arbitrary code may be executed ...
CVE-2023-32546
Code injection vulnerability exists in Chatwork Desktop Application Mac 2.6.43 and earlier. If this vulnerability is exploited, a non-administrative user of the Mac where the product is installed may store and obtain audio and image data from the product without the user's consent...
Chatwork Desktop Application (Windows) uses a potentially dangerous function
Overview Chatwork Desktop Application Windows provided by kubell Co., Ltd. contains an issue with use of potentially dangerous function CWE-676, which allows a user to access an external website via a link in the application. RyotaK of Flatt Security Inc. directly reported this vulnerability to t...
CVE-2024-50307
Use of potentially dangerous function issue exists in Chatwork Desktop Application Windows versions prior to 2.9.2. If a user clicks a specially crafted link in the application, an arbitrary file may be downloaded from an external website and executed. As a result, arbitrary code may be executed ...
PT-2024-34130 · Chatwork · Chatwork Desktop Application
Name of the Vulnerable Software and Affected Versions: Chatwork Desktop Application Windows versions prior to 2.9.2 Description: A use of potentially dangerous function issue exists in the application. If a user clicks a specially crafted link, an arbitrary file may be downloaded from an external...
CVE-2023-32546
Code injection vulnerability exists in Chatwork Desktop Application Mac 2.6.43 and earlier. If this vulnerability is exploited, a non-administrative user of the Mac where the product is installed may store and obtain audio and image data from the product without the user's consent...
CVE-2023-32546
Code injection vulnerability exists in Chatwork Desktop Application Mac 2.6.43 and earlier. If this vulnerability is exploited, a non-administrative user of the Mac where the product is installed may store and obtain audio and image data from the product without the user's consent...
CVE-2023-32546
Code injection vulnerability exists in Chatwork Desktop Application Mac 2.6.43 and earlier. If this vulnerability is exploited, a non-administrative user of the Mac where the product is installed may store and obtain audio and image data from the product without the user's consent...
Code injection
Code injection vulnerability exists in Chatwork Desktop Application Mac 2.6.43 and earlier. If this vulnerability is exploited, a non-administrative user of the Mac where the product is installed may store and obtain audio and image data from the product without the user's consent...
Chatwork 代码注入漏洞
Chatwork is a business group chat application from Chatwork, Inc. A security vulnerability exists in Chatwork Desktop Application version 2.6.43 and earlier, which stems from a code injection vulnerability that allows a non-administrative user to store and access audio and image data for the...
CVE-2023-32546
Code injection vulnerability exists in Chatwork Desktop Application Mac 2.6.43 and earlier. If this vulnerability is exploited, a non-administrative user of the Mac where the product is installed may store and obtain audio and image data from the product without the user's consent...
CVE-2023-32546
Code injection vulnerability exists in Chatwork Desktop Application Mac 2.6.43 and earlier. If this vulnerability is exploited, a non-administrative user of the Mac where the product is installed may store and obtain audio and image data from the product without the user's consent...
CVE-2023-32546
CVE-2023-32546 concerns the Chatwork Desktop Application (Mac) up to version 2.6.43, where a code injection vulnerability (CWE-94) could allow a non-administrative user to store and access audio and image data from the product without user consent. The issue is localized (Mac) and exists in older...
Design/Logic Flaw
Untrusted search path vulnerability in installer of ChatWork Desktop App for Windows 2.3.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2018-0648
CVE-2018-0648 affects the ChatWork Desktop App for Windows 2.3.0 and earlier: the installer is vulnerable to insecure DLL search path (CWE-427), allowing arbitrary code execution with the installer's user privileges. Root cause is DLL search path handling in the Windows installer. Mitigation: use...
CVE-2018-0648
Untrusted search path vulnerability in installer of ChatWork Desktop App for Windows 2.3.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
Installer of ChatWork Desktop App for Windows may insecurely load Dynamic Link Libraries
Overview Installer of ChatWork Desktop App for Windows provided by ChatWork Co,. LTD. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Hamasaki Hiroki of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC...