Lucene search
K

3926 matches found

Malwarebytes
Malwarebytes
added 2025/12/11 1:40 p.m.9 views

Malwarebytes for Mac now has smarter, deeper scans

Say hello to the upgraded Malwarebytes for Mac —now with more robust protection, more control, and the same trusted defense you count on every day. We’ve given our Mac scan engine a serious intelligence boost, so it thinks faster and digs deeper. The new enhanced scan searches across more of your...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/11 1:16 p.m.22 views

NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems

Cybersecurity researchers have disclosed details of a new fully-featured Windows backdoor called NANOREMOTE that uses the Google Drive API for command-and-control C2 purposes. According to a report from Elastic Security Labs, the malware shares code similarities with another implant codenamed...

7.1AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2025/12/11 12:0 a.m.4 views

(0Day) PDFsam Enhanced Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows phyiscally-present attackers to escalate privileges on affected installations of PDFsam Enhanced. An attacker must first obtain the ability to mount a malicious drive onto the target system in order to exploit this vulnerability. The specific flaw exists within the...

6.6CVSS7.6AI score0.00278EPSS
Exploits0
EUVD
EUVD
added 2025/12/09 6:30 p.m.5 views

EUVD-2025-201913

Clone for Windows provided by ELECOM CO.,LTD. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

8.4CVSS7.2AI score0.0013EPSS
Exploits0References3
NVD
NVD
added 2025/12/09 4:18 p.m.4 views

CVE-2025-66271

Clone for Windows provided by ELECOM CO.,LTD. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

8.4CVSS0.0013EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/09 8:29 a.m.20 views

CVE-2025-66271

Clone for Windows provided by ELECOM CO.,LTD. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

8.4CVSS0.0013EPSS
Exploits0References2
CVE
CVE
added 2025/12/09 8:29 a.m.8 views

CVE-2025-66271

CVE-2025-66271 affects ELECOM Clone for Windows, where the software registers a Windows service with an unquoted file path (unquoted service path). The root cause is an unquoted path in the service configuration, enabling a local attacker with write access to the system drive root to execute arbi...

8.4CVSS7.4AI score0.0013EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2025/12/09 8:0 a.m.16 views

Description of the security update for SharePoint Server 2016: December 9, 2025 (KB5002821)

Description of the security update for SharePoint Server 2016: December 9, 2025 KB5002821 Summary Important: If you're currently running SharePoint Workflow Manager, you must install the SharePoint Workflow Manager KB5002799 to your farm before you install this cumulative update. If you're...

7.8CVSS7.1AI score0.0075EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.4 views

PT-2025-49825

Clone for Windows provided by ELECOM CO.,LTD. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

8.4CVSS7.7AI score0.0013EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.4 views

Siemens多款产品 安全漏洞

Siemens SIDOOR ATD430W and others are an automatic door drive system from Siemens, Germany. A security vulnerability exists in various Siemens products, which stems from insufficient TCP serial number validation and could lead to a denial-of-service attack. The following products are affected:...

8.7CVSS8.9AI score0.00417EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2025/12/05 5:53 p.m.12 views

Zero-Click Agentic Browser Attack Can Delete Entire Google Drive Using Crafted Emails

A new agentic browser attack targeting Perplexity's Comet browser that's capable of turning a seemingly innocuous email into a destructive action that wipes a user's entire Google Drive contents, findings from Straiker STAR Labs show. The zero-click Google Drive Wiper technique hinges on connecti...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/12/05 3:27 p.m.5 views

CVE-2025-54160

Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified vectors...

7.8CVSS7.5AI score0.00183EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/05 3:27 p.m.4 views

CVE-2025-54159

Missing authorization vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows remote attackers to delete arbitrary files via unspecified vectors...

7.5CVSS7.1AI score0.00381EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2025/12/05 10:51 a.m.10 views

USN-7909-4: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S39...

7.8CVSS7.2AI score0.0037EPSS
Exploits3
NVD
NVD
added 2025/12/04 4:16 p.m.10 views

CVE-2025-8074

Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3-13973 allows local users to write arbitrary files with non-sensitive information via unspecified vectors...

5.6CVSS0.00084EPSS
Exploits0References1
NVD
NVD
added 2025/12/04 4:16 p.m.4 views

CVE-2025-54160

Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified vectors...

7.8CVSS0.00183EPSS
Exploits0References1
CVE
CVE
added 2025/12/04 3:17 p.m.11 views

CVE-2025-8074

CVE-2025-8074 describes an origin validation error in Synology BeeDrive for desktop up to version 1.4.3-13973 . The flaw allows local users to write arbitrary files containing non-sensitive information via unspecified vectors, indicating a local-privilege/unauthorized-write possibility as stated ...

5.6CVSS6.1AI score0.00084EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/04 3:17 p.m.4 views

CVE-2025-8074

Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3-13973 allows local users to write arbitrary files with non-sensitive information via unspecified vectors...

5.6CVSS6.1AI score0.00084EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/04 3:14 p.m.17 views

CVE-2025-54160

Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified vectors...

7.8CVSS0.00183EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/04 3:14 p.m.5 views

EUVD-2025-201165

Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified vectors...

7.8CVSS6.9AI score0.00183EPSS
Exploits0References2
Rows per page
Query Builder