Lucene search
K

5 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/12 7:2 p.m.4 views

CVE-2019-25343

NextVPN 4.10 contains an insecure file permissions vulnerability that allows local users to modify executable files with full access rights. Attackers can replace system executables with malicious files to gain SYSTEM or Administrator privileges through unauthorized file modification...

8.5CVSS5.5AI score0.00108EPSS
Exploits0References3Affected Software1
The Hacker News
The Hacker News
added 2021/06/17 7:46 a.m.59 views

Researchers Uncover 'Process Ghosting' — A New Malware Evasion Technique

Cybersecurity researchers have disclosed a new executable image tampering attack dubbed "Process Ghosting" that could be potentially abused by an attacker to circumvent protections and stealthily run malicious code on a Windows system. "With this technique, an attacker can write a piece of malwar...

2AI score
Exploits0
OSV
OSV
added 2019/02/18 11:34 p.m.3 views

GHSA-8CC8-8VVX-FHGW jdf-sass downloads Resources over HTTP

Affected versions of jdf-sass insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the syste...

8.1CVSS6.3AI score0.01631EPSS
Exploits0References3
CNVD
CNVD
added 2018/06/15 12:0 a.m.5 views

phantomjs-cheniu remote code execution vulnerability

phantomjs-cheniu is a headless Webkit script with JavaScript API. A security vulnerability exists in phantomjs-cheniu, which originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker can exploit the vulnerability by intercepting the response a...

9.3CVSS8.1AI score0.01752EPSS
Exploits0References1
CNVD
CNVD
added 2018/05/31 12:0 a.m.3 views

selenium-standalone-painful remote code execution vulnerability

selenium-standalone-painful is a program for installing command line tools for starting a selenium standalone server. A security vulnerability exists in selenium-standalone-painful that originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker...

9.3CVSS8.2AI score0.02021EPSS
Exploits0References1
Rows per page
Query Builder