11 matches found
EUVD-2021-19314
Malware in sbrugna...
EUVD-2022-25099
Malicious code in bioql PyPI...
EUVD-2022-25100
Malicious code in bioql PyPI...
Exciting updates to the Copilot (AI) Bounty Program: Enhancing security and incentivizing innovation
At Microsoft, we are committed to fostering a secure and innovative environment for our customers and users. As part of this commitment, we are thrilled to announce significant updates to our Copilot AI Bounty Program. These changes are designed to enhance the program's effectiveness, incentivize...
CVE-2022-1824
An uncontrolled search path vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local attacker to perform a sideloading attack by using a specific file name. This could result in the user gaining elevated permissions and being able to execute arbitrary co...
CVE-2022-1823
Improper privilege management vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local user to modify a configuration file and perform a LOLBin Living off the land attack. This could result in the user gaining elevated permissions and being able to execu...
Installer of Trend Micro Security 2020 (Consumer) may insecurely load Dynamic Link Libraries
Overview Installers of Trend Micro Security 2020 Consumer family may insecurely load Dynamic Link Libraries. Multiple products provided by Trend Micro Incorporated contain the DLL search path issue, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Trend Micro Incorporated...
CVE-2022-34893
Trend Micro Security 2022 consumer has a link following vulnerability where an attacker with lower privileges could manipulate a mountpoint which could lead to escalation of privilege on an affected machine...
CVE-2022-1824
McAfee Consumer Product Removal Tool (MCPR) versions prior to 10.4.128 are affected by an uncontrolled search path vulnerability that enables a local user to perform a sideloading attack via a specific filename, potentially gaining elevated privileges and executing arbitrary code due to insuffici...
CVE-2022-30703
Trend Micro Security 2021 and 2022 Consumer is vulnerable to an exposed dangerous method vulnerability that could allow an attacker to obtain access to leaked kernel addresses and disclose sensitive information. This vulnerability could also potentially be chained for privilege escalation...
Acronis Offers up to $5,000 to users who spot bugs in its cyber protection products
Acronis, the Swiss-Singaporean cyber protection company, has recently opened its long-standing bug bounty program to the public at large – now able to process twice as many reports. Users who discover vulnerabilities in Acronis’ software can earn up to $5,000, as well as additional perks. Through...