51 matches found
EUVD-2018-9649
Malware in sbrugna...
EUVD-2022-50935
Malicious code in bioql PyPI...
EUVD-2022-51903
Malicious code in bioql PyPI...
EUVD-2023-36489
Malicious code in bioql PyPI...
CVE-2023-32231
An issue was discovered in Vasion PrinterLogic Client for Windows before 25.0.0.818. During installation, binaries gets executed out of a subfolder in C:\Windows\Temp. A standard user can create the folder and path file ahead of time and obtain elevated code execution...
CVE-2022-48226
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During installation, an EXE gets executed out of C:\Windows\Temp. A standard user can create the path file ahead of time and obtain elevated code execution. Permissions need to be modified to prevent manipulation...
Vulnerabilities fixed in Rockwell Automation FactoryTalk
Rockwell Automation has fixed vulnerabilities in FactoryTalk View Site. The vulnerabilities are related to improper permissions settings on the remote debugger port, allowing unauthenticated users to access system configurations. This can lead to unauthorized changes. In addition, there is a loca...
CVE-2023-28804 Linux ZCC allows unsigned updates, allowing elevated Code Execution
An Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows replacing binaries.This issue affects Linux Client Connector: before 1.4.0.105...
CVE-2023-28804 Linux ZCC allows unsigned updates, allowing elevated Code Execution
An Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows replacing binaries.This issue affects Linux Client Connector: before 1.4.0.105...
The vulnerability of the Jupyter Core environment for interactive code development and execution allows attackers to expose protected information, upload and execute code with elevated privileges.
The vulnerability in the Jupyter Core environment for interactive code development and execution is related to errors in privilege management. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information, upload and execute code with elevated privileges...
CVE-2023-32231
An issue was discovered in Vasion PrinterLogic Client for Windows before 25.0.0.818. During installation, binaries gets executed out of a subfolder in C:\Windows\Temp. A standard user can create the folder and path file ahead of time and obtain elevated code execution...
Path traversal
An issue was discovered in Vasion PrinterLogic Client for Windows before 25.0.0.818. During installation, binaries gets executed out of a subfolder in C:\Windows\Temp. A standard user can create the folder and path file ahead of time and obtain elevated code execution...
CVE-2023-32231
An issue was discovered in Vasion PrinterLogic Client for Windows before 25.0.0.818. During installation, binaries gets executed out of a subfolder in C:\Windows\Temp. A standard user can create the folder and path file ahead of time and obtain elevated code execution...
CVE-2023-32231
An issue was discovered in Vasion PrinterLogic Client for Windows before 25.0.0.818. During installation, binaries gets executed out of a subfolder in C:\Windows\Temp. A standard user can create the folder and path file ahead of time and obtain elevated code execution...
CVE-2022-48226
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During installation, an EXE gets executed out of C:\Windows\Temp. A standard user can create the path file ahead of time and obtain elevated code execution. Permissions need to be modified to prevent manipulation...
Path traversal
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During installation, an EXE gets executed out of C:\Windows\Temp. A standard user can create the path file ahead of time and obtain elevated code execution. Permissions need to be modified to prevent manipulation...
PT-2023-15623 · Acuant · Acuant Acufill Sdk
Name of the Vulnerable Software and Affected Versions: Acuant AcuFill SDK versions prior to 10.22.02.03 Description: An issue was discovered in the Acuant AcuFill SDK. During installation, an executable file gets executed out of the C:WindowsTemp directory. A standard user can create the path fil...
Cybereason EDR 代码问题漏洞
Cybereason EDR is a depth detection and response platform from Cybereason. A security vulnerability exists in Cybereason EDR versions 19.1.x prior to 19.1.282, 19.2.x prior to 19.2.182, and 20.1.x prior to 20.1.343, which stems from the presence of a DLL hijacking vulnerability that can be...
Snow Software Snow Inventory Java Scanner 安全漏洞
Snow Software Snow Inventory Java Scanner is a Java Inventory Scanner from Snow Software, Sweden. A security vulnerability exists in Snow Software Snow Inventory Java Scanner version 1.0, which stems from a problem with software privilege filtering. The vulnerability can be exploited by an attack...
PT-2020-3899 · Microsoft · Windows Shell +1
Name of the Vulnerable Software and Affected Versions: Windows Shell affected versions not specified Description: The issue is related to the improper handling of objects in memory by the Shell infrastructure component, allowing an attacker to potentially run processes in an elevated context. To...