Malicious code in lyrox (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a758a1be229d0656a639cd9e76cb14b3224260a08da87b6de28ff2bc4c1d48ba Heavy obfuscate code for extracting further obfuscate binaries and executing them using file less techniques. Some versions contain the executable embedded,...

MAL-2026-1437 Malicious code in flowpeek (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e79fec156ab781e041d49cebd6082ee113ef98ce53945dc1a949a3a8e96fa734 During import, the code starts the embedded executable. This executable is an information stealer extracting sensitive data to a Discord channel. --- Category:...

Malicious code in flowpeek (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e79fec156ab781e041d49cebd6082ee113ef98ce53945dc1a949a3a8e96fa734 During import, the code starts the embedded executable. This executable is an information stealer extracting sensitive data to a Discord channel. --- Category:...

Malicious code in http-request-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 13b29a753802db633ab987963543535999a246049761d4d29699b66edf207f13 During import, package masquerade and starts an embedded executable. The executable has signs of infostealer activity --- Category: MALICIOUS - The campaign ha...

MAL-2026-903 Malicious code in requests-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ccf88804317b4caf9661eb94c320a521f7689c5cf26a8754ec219d268fc9c873 During import, package masquerade and starts an embedded executable. The executable has signs of infostealer activity --- Category: MALICIOUS - The campaign ha...

CVE-2018-21244

An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows arbitrary application execution via an embedded executable file in a PDF portfolio, aka FG-VD-18-029...

Malicious code in telegramdoxing (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4cdffd265ab7e5d199258a068bf6c251370ae931fc905109bd2fb659cd7d9114 The package contains an embedded malicious executable probably blank grabber started when running the module. Probably continuation of 2025-05-pydoxing ---...

MAL-2025-191888 Malicious code in telegramdoxing (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4cdffd265ab7e5d199258a068bf6c251370ae931fc905109bd2fb659cd7d9114 The package contains an embedded malicious executable probably blank grabber started when running the module. Probably continuation of 2025-05-pydoxing ---...

Foxit PhantomPDF code issue vulnerability (CNVD-2020-32467)

Foxit PhantomPDF is China's Foxit Foxit company a PDF document reader. A security vulnerability exists in Foxit PhantomPDF versions prior to 8.3.6. The vulnerability can be exploited by an attacker to execute arbitrary applications with the help of an embedded executable file...

CVE-2018-21244

An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows arbitrary application execution via an embedded executable file in a PDF portfolio, aka FG-VD-18-029...

Design/Logic Flaw

An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows arbitrary application execution via an embedded executable file in a PDF portfolio, aka FG-VD-18-029...

Windows AlwaysInstallElevated MSI

This module checks the AlwaysInstallElevated registry keys which dictates if .MSI files should be installed with elevated privileges NT AUTHORITY\SYSTEM. The generated .MSI file has an embedded executable which is extracted and run by the installer. After execution the .MSI file intentionally fai...

Immunity Canvas: MS12_005

Name| ms12005 ---|--- CVE| CVE-2012-0013 Exploit Pack| CANVAS Description| MS12-005: MS Office 2007-2010 Shell Object Packager file extension bypass Notes| Repeatability: Infinite Notes: The issue we exploit here was fixed silently alongside the ClickOnce issues in the MS12-005 patch but allows f...

Foxit Reader 3.2 执行内嵌可执行程序漏洞

BUGTRAQ ID: 39109 Foxit Reader是一款小型的PDF文档查看器和打印程序。 出于安全考虑Foxit Reader、Adobe Reader等阅读器不允许执行PDF文档中内嵌的可执行程序（如二进制程序和脚本），但攻击者可以使用特殊技术绕过这种安全机制启动命令（/Launch /Action），最终执行内嵌的可执行程序。Adobe Reader在打开这种PDF文档时会弹出安全提示对话框，而Foxit Reader不会给出任何提示。 Foxit Reader 3.2 厂商补丁： Foxit ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Adobe Reader - Escape From '.PDF' Execute Embedded Executable

Title : Escape From PDF Author : Didier Stevens Date : 03/29/2010 Source : http://blog.didierstevens.com/2010/03/29/escape-from-pdf/ This is a special PDF hack: I managed to make a PoC PDF to execute an embedded executable without exploiting any vulnerability! I use a launch action triggered by t...

Hacker Finds a Way to Exploit PDF Files, Without Vulnerability

SEE: Updated report with response from Adobe and FoxIt Software A security researcher has managed to create a proof-of-concept PDF file that executes an embedded executable without exploiting any security vulnerabilities. The PDF hack, when combined with clever social engineering techniques, coul...

Microsoft Internet Explorer 56 - Self Executing HTML File

Microsoft Internet Explorer 56 - Self Executing HTML File source: https://www.securityfocus.com/bid/6961/info Microsoft Internet Explorer contains a vulnerability that can allow script code within an HTML document to run an embedded executable file. Since the file is an HTML file, Internet Explor...

Microsoft Internet Explorer 5/6 - Self Executing HTML File

source: https://www.securityfocus.com/bid/6961/info Microsoft Internet Explorer contains a vulnerability that can allow script code within an HTML document to run an embedded executable file. Since the file is an HTML file, Internet Explorer will open and parse the file. When the script that poin...