485986 matches found
CVE-2016-20088
Comodo Chromodo Browser 52.15.25.664 contains an unquoted service path vulnerability in the ChromodoUpdater service that runs with SYSTEM privileges. A local attacker can insert a malicious executable in the service path and execute arbitrary code with elevated privileges upon service restart or...
CVE-2016-20090
Comodo Dragon Browser versions up to 52.15.25.663 contain a privilege escalation vulnerability in the DragonUpdater service due to an unquoted service path running with SYSTEM privileges. A local attacker can insert a malicious executable in the service path and execute arbitrary code with elevat...
MAL-2026-6213 Malicious code in @bytemend/mfebus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3d53776853d18aabf967b0f1882eb45f2164feedd600eeccc927f496002f5e4 The package advertises itself as a small in-memory pubsub library but its main entry dist/index.js eagerly requires dist/bootstrap.js, a 277KB...
Malicious code in @apexcraft/nano-key (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c46938b3634fb4de89ddf44b765e1c766c871a40fb31c54609c1b3526074e65c @apexcraft/nano-key advertises itself as a 12-byte sortable ID generator README and repository metadata are copied from yiwen-ai/xid-ts, an unrelated...
MAL-2026-6210 Malicious code in @apexcraft/nano-key (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c46938b3634fb4de89ddf44b765e1c766c871a40fb31c54609c1b3526074e65c @apexcraft/nano-key advertises itself as a 12-byte sortable ID generator README and repository metadata are copied from yiwen-ai/xid-ts, an unrelated...
Malicious code in @apiwizards/auth-middleware (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 718ca10ce0670edf6756b4ff0bd05e43526ebd516396a34074acf844116e7254 @apiwizards/[email protected] ships a single heavily obfuscated index.js obfuscator.io string-array with 317 entries, RC4+base64 decoder,...
MAL-2026-6211 Malicious code in @apiwizards/auth-middleware (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 718ca10ce0670edf6756b4ff0bd05e43526ebd516396a34074acf844116e7254 @apiwizards/[email protected] ships a single heavily obfuscated index.js obfuscator.io string-array with 317 entries, RC4+base64 decoder,...
Malicious code in chai-as-attested (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88e27467366a90f482eb47476458b1f74d5a41ac63371572e527f2e60e4e0b51 Package impersonates a pino-style logger exports module.exports.pino, ships pino-like DEFAULTLEVELS, keywords fast/logger/stream/json but the exporte...
MAL-2026-6218 Malicious code in chai-as-attested (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88e27467366a90f482eb47476458b1f74d5a41ac63371572e527f2e60e4e0b51 Package impersonates a pino-style logger exports module.exports.pino, ships pino-like DEFAULTLEVELS, keywords fast/logger/stream/json but the exporte...
EUVD-2016-10906
Wise Care 365 4.27 and Wise Disk Cleaner 9.29 contain unquoted service path vulnerabilities in the WiseBootAssistant and SpyHunter 4 Service respectively, allowing local users to execute arbitrary code with SYSTEM privileges. Attackers can insert malicious executables in the system root path that...
CVE-2016-20090
Comodo Dragon Browser versions up to 52.15.25.663 contain a privilege escalation vulnerability in the DragonUpdater service due to an unquoted service path running with SYSTEM privileges. A local attacker can insert a malicious executable in the service path and execute arbitrary code with elevat...
EUVD-2016-10903
Comodo Dragon Browser versions up to 52.15.25.663 contain a privilege escalation vulnerability in the DragonUpdater service due to an unquoted service path running with SYSTEM privileges. A local attacker can insert a malicious executable in the service path and execute arbitrary code with elevat...
CVE-2026-48137
There is an untrusted pointer dereference vulnerability in the NI grpc-device sideband streaming API that may allow an attacker to cause an arbitrary memory dereference, potentially resulting in remote code execution. Successful exploitation requires an attacker to supply a specially...
CVE-2026-53915
In JetBrains GoLand before 2026.1.3 remote code execution was possible via untrusted project configuration...
CVE-2026-48137
Summary: CVE-2026-48137 is an untrusted pointer dereference in the NI grpc-device sideband streaming API affecting NI grpc-device 2.17.0 and earlier. A attacker can cause an arbitrary memory dereference and potentially remote code execution by sending a specially crafted Moniker protobuf message....
Vulnerabilities in Splunk Enterprise and Splunk Cloud Platform
Splunk has identified several vulnerabilities in Splunk Enterprise and Splunk Cloud Platform. These vulnerabilities concern various components of Splunk Enterprise and Splunk Cloud Platform. Splunk has classified the vulnerability with the identifier CVE-2026-20253 as a critical vulnerability in...
CVE-2026-53915
In JetBrains GoLand before 2026.1.3 remote code execution was possible via untrusted project configuration...
EUVD-2026-38005
In JetBrains GoLand before 2026.1.3 remote code execution was possible via untrusted project configuration...
CVE-2026-53915
In JetBrains GoLand before 2026.1.3 remote code execution was possible via untrusted project configuration...
CVE-2026-53915
CVE-2026-53915 : In JetBrains GoLand prior to 2026.1.3, remote code execution is possible through untrusted project configuration. According to CVSS 3.1 data, the vulnerability has a base score of 7.1 (HIGH) with network attack vector, no privileges required, user interaction required, and both c...