EUVD-2021-25220

Malware in sbrugna...

EUVD-2022-25858

Malicious code in bioql PyPI...

EUVD-2022-25472

Malicious code in bioql PyPI...

May

MayLinux Patch Wednesday. This time: 1091 vulnerabilities. Of those, 716 are in the Linux Kernel. 5 vulnerabilities are exploited in the wild: RCE - PHP CSS Parser CVE-2020-13756. In AttackerKB, an exploit exists. DoS - Apache ActiveMQ CVE-2025-27533. In AttackerKB, an exploit exists. SFB -...

CVE-2021-38783

There is a Out-of-Bound Write in the Allwinner R818 SoC Android Q SDK V1.0 camera driver "/dev/cedardev" through iotcl cmd IOCTLSETPROCINFO and IOCTLCOPYPROCINFO, which could cause a system crash or EoP...

April Microsoft Patch Tuesday

April Microsoft Patch Tuesday. A total of 153 vulnerabilities, 2 times more than in March. Of these, 32 were added between the March and April MSPTs. Three vulnerabilities show signs of exploitation in the wild: EoP - Windows Common Log File System Driver CVE-2025-29824. An attacker can gain SYST...

February Microsoft Patch Tuesday

February Microsoft Patch Tuesday. 89 CVEs, 33 added since January. Two with signs of exploitation in the wild: EoP - Windows Ancillary Function Driver for WinSock CVE-2025-21418 EoP - Windows Storage CVE-2025-21391 There are no vulnerabilities with public exploits, but there are 7 with private...

Microsoft and Adobe Patch Tuesday, November 2024 Security Update Review

Microsoft has released its November 2024 Patch Tuesday updates, targeting various vulnerabilities that could impact users and organizations worldwide. From zero-day threats to key product patches, here’s what’s crucial to apply this month. Here’s a breakdown of the updates and how they impact you...

Patch Tuesday - October 2024

Microsoft is addressing 118 vulnerabilities this October 2024 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation and/or public disclosure for five of the vulnerabilities published today, although it does not rate any of these as critical yet. Of those five, Microsoft lists two as...

Exploit for Missing Release of Memory after Effective Lifetime in Realtek Rtsper

CVE-2024-40431+CVE-2022-25479 chain for EOPDATA ONLY ATTACK...

CVE-2024-32906

CVE-2024-32906 affects Google Pixel/Android components: In the AcvpOnMessage function of avcp.cpp, uninitialized data may cause an Elevation of Privilege (EoP). This could enable local privilege escalation with no extra execution privileges and no user interaction required. The available connecte...

CVE-2024-32929

In gpuslcgetregion of pixelgpuslc.c, there is a possible EoP due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-32929

In gpuslcgetregion of pixelgpuslc.c, there is a possible EoP due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-32929

CVE-2024-32929 affects the Pixel GPU driver path gpu_slc_get_region in pixel_gpu_slc.c. A use-after-free in that function can cause a local elevation of privilege, with no additional execution privileges needed and no user interaction required. Public details across connected records confirm the ...

Update now! Google Pixel vulnerability is under active exploitation

Google has notified Pixel users about an actively exploited vulnerability in their phones firmware. Firmware is the code or program which is embedded into hardware devices. Simply put, it is the software layer between the hardware and the applications on the device. About the vulnerability, Googl...

Exploit for Untrusted Pointer Dereference in Microsoft

CVE-2023-21768 - Dotnet Dotnet / c port of AFD-for-WinSock-E...

Patch Tuesday - May 2024

Microsoft is addressing 61 vulnerabilities this May 2024 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation and/or public disclosure for three of the vulnerabilities published today. At time of writing, two of the vulnerabilities patched today are listed on CISA KEV. Microsoft is...

CVE-2024-29055 Microsoft Defender for IoT Elevation of Privilege Vulnerability

...

WiX based installers are vulnerable to binary hijack when run as SYSTEM

Summary Burn uses an unprotected C:\Windows\Temp directory to copy binaries and run them from there. This directory is not entirely protected against low privilege users. Details When a bundle runs as SYSTEM user, Burn uses GetTempPathW which points to an insecure directory C:\Windows\Temp to dro...

Microsoft and Adobe Patch Tuesday, March 2024 Security Update Review

Welcome to another insightful dive into Microsofts Patch Tuesday! This months security updates address a significant number of CVEs, underscoring the ongoing battle against digital vulnerabilities. We invite you to join us to review and discuss the details of these security updates and patches...