EUVD-2024-28053

Malicious code in bioql PyPI...

CVE-2024-30117

A dynamic search for a prerequisite library could allow the possibility for an attacker to replace the correct file under some circumstances...

CVE-2024-30117

A dynamic search for a prerequisite library could allow the possibility for an attacker to replace the correct file under some circumstances...

CVE-2024-30117

CVE-2024-30117 (HCL BigFix Platform) is a DLL hijack vulnerability where a dynamic search for a prerequisite library could allow an attacker to replace the correct file under certain conditions. Connected sources indicate affected versions on BigFix Server: 9.5.x prior to 9.5.25, 10.0.x prior to ...

HCL BigFix Platform 安全漏洞

HCL BigFix Platform is a suite of endpoint security management platforms from HCL Corporation, USA. The platform supports automated discovery, management and remediation of endpoint security issues. A security vulnerability exists in the HCL BigFix Platform that stems from the fact that a dynamic...

PT-2024-23193 · Hcl +1 · Bigfix Platform

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A dynamic search for a prerequisite library could allow the possibility for an attacker to replace the correct file under some circumstances. The issue...

Beware: Malicious Google Ads Trick WinSCP Users into Installing Malware

Threat actors are leveraging manipulated search results and bogus Google ads that trick users who are looking to download legitimate software such as WinSCP into installing malware instead. Cybersecurity company Securonix is tracking the ongoing activity under the name SEOLURKER. "The malicious...

Trojanized PyCharm Software Version Delivered via Google Search Ads

A new malvertising campaign has been observed capitalizing on a compromised website to promote spurious versions of PyCharm on Google search results by leveraging Dynamic Search Ads. "Unbeknownst to the site owner, one of their ads was automatically created to promote a popular program for Python...

Malvertising via Dynamic Search Ads delivers malware bonanza

Most, if not all malvertising incidents result from a threat actor either injecting code within an existing ad, or intentionally creating one. Today, we look at a different scenario where, as strange as that may sound, malvertising was entirely accidental. The reason this happened was due to the...

New Options Profiles for Log4Shell Detection

We have now added two new option profiles to our library for Log4Shell vulnerabilities. Option profiles define the settings you want to use for your scan. These new option profiles are tuned to quickly detect the Log4Shell vulnerability on assets in your environment. The following two...

Linux/x86 Egghunter Shellcode (39 bytes)

39 bytes small Linux/x86 egghunter null-free shellcode. The egghunter dynamically searches memory for 2 instances of the egg. When the eggs are found, the egghunter passes execution control to the payload at the memory address of the eggs. // Shellcode Title: Linux/x86 - EggHunter + Null-free 39...

Installer of "Flets Azukeru for Windows Auto Backup Tool" may insecurely load Dynamic Link Libraries

Overview Installer of "Flets Azukeru for Windows Auto Backup Tool" provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability...