19 matches found
CVE-2026-39309 Trilium Notes: macOS TCC Bypass via Prompt Spoofing
Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Electron configuration is vulnerable to TCC Bypass via Prompt Spoofing, allowing local attackers to trigger misleading macOS permission...
CVE-2025-9164
Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement. This issue affects Docker...
CVE-2025-9164 Multiple DLL Search Order Hijacking Vulnerabilities in Docker Desktop Installer for Windows
Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement. This issue affects Docker...
EUVD-2025-36191
Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement. This issue affects Docker...
CVE-2025-9164 Multiple DLL Search Order Hijacking Vulnerabilities in Docker Desktop Installer for Windows
Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement. This issue affects Docker...
PT-2025-43961
Name of the Vulnerable Software and Affected Versions: Docker Desktop versions through 4.48.0 Description: The Docker Desktop Installer.exe is susceptible to a DLL hijacking issue stemming from an insecure DLL search order. The installer prioritizes searching for necessary DLLs within the user's...
EUVD-2009-0027
Malware in sbrugna...
EUVD-2025-19601
Malicious code in bioql PyPI...
Google Nearby Security Vulnerability
Google Nearby is a series of connectivity-focused projects from the American company Google, Inc. for building cross-device experiences. A security vulnerability previously existed in Google Nearby version v1.0.2002.2, which stemmed from the fact that when a Payload Transfer frame of type FILE wa...
OESA-2023-1744 libcue security update
Libcue is intended for parsing a so-called cue sheet from a char string or a file pointer. For handling of the parsed data a convenient API is available. Security Fixes: libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bound...
PT-2023-5951 · Git · Git For Windows
Name of the Vulnerable Software and Affected Versions: Git for Windows versions prior to 2.39.2 Description: The issue is related to the Windows port of the revision control system Git. By carefully crafting a DLL and placing it into a subdirectory of a specific name next to the Git for Windows...
CVE-2021-44426
An issue was discovered in AnyDesk before 6.2.6 and 6.3.x before 6.3.5. An upload of an arbitrary file to a victim's local /Downloads/ directory is possible if the victim is using the AnyDesk Windows client to connect to a remote machine, if an attacker is also connected remotely with AnyDesk to...
CVE-2020-35112
If a user downloaded a file lacking an extension on Windows, and then "Open"-ed it from the downloads panel, if there was an executable file in the downloads directory with the same name but with an executable extension such as .bat or .exe that executable would have been launched instead. Note:...
Razer US: DLL Hijacking Vulnerability in synapse-2
The Synapse 2 installer was subject to a DLL planting attack in the Downloads folder. This was fixed in May of 2019...
Brave Software: OS username disclosure
Summary: Using the webkitdirectory alongside minor user interaction, we are able to grab the OS username of a victim. This is because the webkitdirectory object is not properly sanitized after a folder has been picked. In my case, the downloads folder was the default folder to select and so I ended u...
A vulnerability in the Skype instant messaging program allows a hacker to execute arbitrary code.
The vulnerability of the Skype instant messaging program is related to the limitation on the download of external libraries. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted library named api-ms-win-core-winrt-string-l1-1-0.dll, which is...
Default configuration
Folder Manager in Apple Mac OS X 10.5.6 uses insecure default permissions when recreating a Downloads folder after it has been deleted, which allows local users to bypass intended access restrictions and read the Downloads folder...
CVE-2009-0014
CVE-2009-0014 affects Apple Mac OS X 10.5.6 Folder Manager, where the Downloads folder is recreated with insecure default permissions, allowing local users to read the Downloads folder and bypass restrictions. The issue is a local vulnerability tied to the folder creation permissions, as describe...
CVE-2009-0014
Folder Manager in Apple Mac OS X 10.5.6 uses insecure default permissions when recreating a Downloads folder after it has been deleted, which allows local users to bypass intended access restrictions and read the Downloads folder...