11 matches found
MAL-2026-3778 Malicious code in natazx (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0514a0df660dfc4e7380f68e8533fa325ccc246ba21855975f73d3af78cd9f0 On import natazx, the package's top-level code executes several installer-hostile actions without consent: 1 it unconditionally overwrites the host's...
PT-2026-41186
Name of the Vulnerable Software and Affected Versions CodeWhale versions prior to 0.8.26 Description The task create tool spawns durable sub-agents that inherit insecure default settings. Specifically, the allow shell variable defaults to true and the auto approve variable defaults to true. When ...
Buffer-Overflow-Exploit-Development-Practice
It is an offensive tool for buffer overflow exploit development. The primary CVE ID is not present in the provided context. The target product/service or framework is not explicitly stated, but the tool is designed for buffer overflow exploit development, which typically involves vulnerabilities ...
RenderTune Security Vulnerability
RenderTune is a free electronic application for Mac/Windows/Linux that uses ffmpeg to combine audio + image files into video files. A security vulnerability exists in RenderTune v1.1.4, which stems from a cross-site scripting XSS vulnerability. An attacker can exploit this vulnerability to execut...
Microsoft 3D Builder 安全漏洞
Microsoft 3D Builder, a tool for creating models and 3D printing from Microsoft USA, has a security vulnerability. No details of the vulnerability are currently available...
Corel CorelDRAW Graphics Suite buffer overflow vulnerability
Corel CorelDRAW Graphics Suite is a vector graphics creation tool from Corel. A buffer overflow vulnerability exists in Corel CorelDRAW Graphics Suite, which can be exploited by attackers to execute code in the context of the current process...
The vulnerability in the web interface of the software tool for creating reports for Cisco Security Manager’s deployed security solutions allows a perpetrator to perform cross-site scripting attacks.
The vulnerability in the web interface for creating reports for Cisco Security Manager’s deployed security solutions is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using the specially...
The vulnerability in the web interface of the software tool for creating reports for Cisco Security Manager’s deployed security solutions allows a perpetrator to perform cross-site scripting attacks.
The vulnerability in the web interface for creating reports for Cisco Security Manager’s deployed security solutions is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using the specially...
USN-4499-1: MilkyTracker vulnerabilities
It was discovered that MilkyTracker did not properly handle certain input. If a user were tricked into opening a malicious file, an attacker could cause MilkyTracker to crash or potentially execute arbitrary code...
Debotnet - A Tiny Portable Tool For Controlling Windows 10's Many Privacy-Related Settings And Keep Your Personal Data Private
A free and portable tool for controlling Windows 10's many privacy-related settings and keep your personal data private. Your preparation for the Net! The Windows 10 default privacy settings leave a lot to be desired when it comes to protecting you and your private information. Whenever I set up ...
Microsoft DirectX SDK - Xact.exe Remote Code Execution
Microsoft DirectX SDK - Xact.exe Remote Code Execution + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-DIRECTX-SDK-XACT.EXE-TROJAN-FILE-CODE-EXECUTION.txt + ISR: Apparition Security Greetz: indoushka | Eduardo...