16 matches found
EUVD-2010-5218
Malware in sbrugna...
EUVD-2017-5508
Malware in sbrugna...
EUVD-2024-35565
Malicious code in bioql PyPI...
EUVD-2023-29125
Malicious code in bioql PyPI...
CVE-2022-47631
Razer Synapse through 3.7.1209.121307 allows privilege escalation due to an unsafe installation path and improper privilege management. Attackers can place DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed and if they deny write access for the SYSTEM...
CVE-2018-1000209
Sensu, Inc. Sensu Core version Before version 1.4.2-3 contains a Insecure Permissions vulnerability in Sensu Core on Windows platforms that can result in Unprivileged users may execute code in context of Sensu service account. This attack appear to be exploitable via Unprivileged user may place a...
ROS-20250203-03
A vulnerability in the Microsoft .NET software platform is related to incorrect processing of the search path to DLLs. DLLs. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
CVE-2024-11454 Untrusted Search Path vulnerability in Autodesk Revit
A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded by Autodesk Revit, and execute arbitrary code in the context of the current process due to an untrusted search patch being utilized...
ROS-20240812-11
The GLPI Agent universal control agent vulnerability involves modifying GLPI-Agent code or allows a DLL to be used to modify the agent's logic. Exploitation of the vulnerability could allow an attacker to privilege escalation...
PT-2024-24610 · Foxit · Foxit Pdf Reader/Editor
Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader and Editor versions prior to 2024.1 Description: The issue allows Local Privilege Escalation during update checks due to weak permissions on the update-service folder. This weakness enables attackers to place crafted DLL file...
CVE-2023-28353
CVE-2023-28353 affects Faronics Insight 10.0.19045 on Windows. An unauthenticated attacker can upload arbitrary files to any location on the Teacher Console computer, enabling multiple exploitation paths including achievable code execution and the potential to chain with other flaws to run a DLL ...
U.S. Dept Of Defense: Remote Code Execution via Insecure Deserialization in Telerik UI (CVE-2019-18935)
Description: https://██████/██████████/Telerik.Web.UI.WebResource.axd?type=rau is vulnerable to CVE-2017-11317 and CVE-2019-18935, allowing an attacker to upload arbitrary files and gain remote code execution on the underlying system. References...
Siemens DIGSI 4 Elevation of Privilege Vulnerability
DIGSI 4 is the operating and configuration software for the SIPROTEC 4 and SIPROTEC Compact Protection Unit. An elevation of privilege vulnerability exists in Siemens DIGSI 4. An attacker could exploit the vulnerability by placing a DLL with system-executed code...
Equation organization leaked windows framework vulnerability tool Esteemaudit RDP vulnerability
1. Reproduction environment: • Windows 2003 sp2 x86 •Windows 2003 configuration the domain server Domain server set up please refer to: https://wenku.baidu.com/view/430e9e96964bcf84b9d57bd4.html) 2. Environment to build: From https://yadi.sk/d/NJqzpqo3GxZA4 download the leaked file Under linux by...
Excel 2000 vulnerability - executing programs
Georgi Guninski security advisory 15, 2000 Excel 2000 vulnerability - executing programs Systems affected: Excel 2000/Win98 - almost sure other versions/OSes, have not tested Risk: High Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual...
Cheyenne Inoculan for Windows NT 4.0 - Share
Cheyenne Inoculan for Windows NT 4.0 - Share source: https://www.securityfocus.com/bid/106/info It is possible to run arbitrary code on any Intel machine running Cheyenne Inoculan version 4.0 for Windows NT prior to SP2. Inoculan runs as a service, called "Cheyenne InocuLAN Anti-Virus Server". Wh...