CVE-2025-12139 File Manager for Google Drive – Integrate Google Drive with WordPress <= 1.5.3 - Unauthenticated Sensitive Information Exposure

The File Manager for Google Drive – Integrate Google Drive with WordPress plugin for WordPress is vulnerable to sensitive information exposure in all versions up to, and including, 1.5.3 via the "getlocalizedata" function. This makes it possible for unauthenticated attackers to extract sensitive...

CVE-2025-62225

Optical Disc Archive Software provided by Sony Corporation registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

CVE-2025-64151

Multiple Roboticsware products provided by Roboticsware PTE. LTD. register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

CVE-2025-64151

CVE-2025-64151 affects multiple Roboticsware products (Roboticsware PTE. LTD.) where Windows services are registered with unquoted file paths. This leads to a local privilege escalation: a user with write access to the system drive root can trigger arbitrary code execution with SYSTEM privileges....

WordPress File Manager for Google Drive plugin <= 1.5.3 - Unauthenticated Sensitive Information Exposure vulnerability

Unauthenticated Sensitive Information Exposure vulnerability discovered by ifoundbug in WordPress Plugin Integrate Google Drive versions = 1.5.3...

PT-2025-45084

Name of the Vulnerable Software and Affected Versions Sony Optical Disc Archive Software affected versions not specified Description The Optical Disc Archive Software from Sony Corporation registers a Windows service with an unquoted file path. A user possessing write permissions to the system...

PT-2025-45085

Name of the Vulnerable Software and Affected Versions Roboticsware products affected versions not specified Description Multiple Roboticsware products register Windows services with unquoted file paths. A user with write permission to the system drive’s root directory may execute arbitrary code...

PT-2025-45088

Name of the Vulnerable Software and Affected Versions File Manager for Google Drive – Integrate Google Drive with WordPress versions prior to 1.5.4 Description The File Manager for Google Drive – Integrate Google Drive with WordPress plugin for WordPress has a flaw that allows unauthenticated...

WordPress plugin integrate-google-drive 信息泄露漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin integrate-google-drive has an information disclosure vulnerability, the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989191)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989191 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix kernel panic during drive powercycle test While looping over shost's sdev list...

APT36 Targets Indian Government with Golang-Based DeskRAT Malware Campaign

A Pakistan-nexus threat actor has been observed targeting Indian government entities as part of spear-phishing attacks designed to deliver a Golang-based malware known as DeskRAT. The activity, observed in August and September 2025 by Sekoia, has been attributed to Transparent Tribe aka APT36, a...

CVE-2025-61865

Multiple NAS management applications provided by I-O DATA DEVICE, INC. register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

Malicious code in filen-drive (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-48842 Malicious code in filen-drive (npm)

--- -= Per source details. Do not edit below this line.=-...

CVE-2025-61865

Multiple NAS management applications provided by I-O DATA DEVICE, INC. register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

EUVD-2025-35653

NarSuS App registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

CVE-2025-61865

Multiple NAS management applications provided by I-O DATA DEVICE, INC. register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

SUSE CVE-2023-47113

BleachBit cleans files to free disk space and to maintain privacy. BleachBit for Windows up to version 4.4.2 is vulnerable to a DLL Hijacking vulnerability. By placing a DLL in the Folder c:\DLLs, an attacker can run arbitrary code on every execution of BleachBit for Windows. This issue has been...

I-O DATA NarSuS App 代码问题漏洞

I-O DATA I-O DATA NarSuS App is a desktop software from I-O DATA, Inc. that includes device detection, driver installation, configuration assistance, firmware update, and service registration. I-O DATA I-O DATA NarSuS App suffers from a code issue vulnerability that stems from a Windows service...

PT-2025-43430

Name of the Vulnerable Software and Affected Versions NarSuS App affected versions not specified Description The NarSuS App registers a Windows service using an unquoted file path. This allows a user with write access to the system drive's root directory to potentially execute arbitrary code with...