EUVD-2022-37806

Malicious code in bioql PyPI...

EUVD-2023-51381

Malicious code in bioql PyPI...

CVE-2022-34902

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 39316 Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

USN-6785-1 gnome-remote-desktop vulnerability

Matthias Gerstner discovered that GNOME Remote Desktop incorrectly performed certain user validation checks. A local attacker could possibly use this issue to obtain sensitive information, or take control of remote desktop connections...

CVE-2023-47250

In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, broken Access Control on X11 server sockets allows authenticated attackers with access to a VNC session to access the X11 desktops of other users by specifying their DISPLAY ID. This allows complete control of their desktop,...

PT-2023-30392 · Unknown · Mprivacy-Tools

Name of the Vulnerable Software and Affected Versions: mprivacy-tools versions prior to 2.0.406g Description: The issue allows authenticated attackers with access to a VNC session to bypass access control on X11 server sockets. By specifying the DISPLAY ID of other users, attackers can gain...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a security vulnerability that stems from a bypassed vulnerability in the default desktop control function. An attacker could...

CVE-2022-34902

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 39316 Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

CVE-2022-34902

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 39316 Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

Design/Logic Flaw

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 39316 Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

CVE-2022-34902

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 39316 Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

Parallels Access 代码问题漏洞

Parallels Access is a parallel access application from Parallels USA. enabling the fastest, easiest, and most reliable remote access to your computer from anywhere. A code issue vulnerability exists in Parallels Access Agent version 6.5.4 39316 that stems from This vulnerability allows a local...

Parallels Access Agent Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Desktop...

Trickbot Malware Rebounds with Virtual-Desktop Espionage Module

The Trickbot trojan is in resurgence mode, with its operators filling out infrastructure globally and releasing an updated version of its “vncDll” module, used for monitoring and intelligence gathering, researchers said. According to an analysis this week from Bitdefender, there has been “a...

Remote code execution

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center CIC Versions 4.X and 5.X, CARESCAPE Central Station CSCS Versions 1.X, the affected products utilize a weak encryption scheme for remote desktop control, which may allow an...

Threat Analysis Unit (TAU) Threat Intelligence Notification: njRAT

njRAT is a Remote Access Trojan RAT that will silently collect and steal sensitive information such as login credentials. It can also perform keylogger monitoring, remote desktop control, installing additional malicious software, and many other malicious activities on the victim’s computer. In...

Advanced Desktop Locker 6.0.0 - Lock Screen Bypass Vulnerability

Exploit for windows platform in category local exploits Exploit Title : Advanced Desktop Locker Locker Bypass Date: 8 - 1 - 2017 Software Link: http://www.encrypt4all.com/products/advanced-desktop-locker-information.php Sofrware Version : 6.0.0 Exploit Author: Squnity | Sir.matrix Contact:...

How employees evade IT security controls

Prior to January of 2007, I had very little exposure to the vast array of applications that employees use while at work. Sure, I used IM, webmail and listened to music online, but I was being paid to do a job, not entertain myself. After joining Palo Alto Networks, and analyzing 18 months worth o...