Malicious code in pyinite (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7ed8f43159750189f4cea17185b5ee087dda83db8574bf258010068c524fc723 File is designed to download, hide under system-like name, and run a remote executable, widely identified as malicious. --- Category: MALICIOUS - The campaign...

MAL-2025-191834 Malicious code in pyinite (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7ed8f43159750189f4cea17185b5ee087dda83db8574bf258010068c524fc723 File is designed to download, hide under system-like name, and run a remote executable, widely identified as malicious. --- Category: MALICIOUS - The campaign...

Ensure That the Permissions on Important Files and Directories Are Minimized

According to the principle of least privilege, the minimum access permission must be correctly set for key files or directories in the system, especially those containing sensitive information. Only users with relevant permissions can access these files or directories. If the file or directory...

Ensure That Partitions without Executable Files Are Mounted Using noexec

A data drive only stores data generated during service running. No command is executed in the data drive. Therefore, you can mount the drive or partition using noexec to improve security and reduce the attack surface. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be...

Do Not Allow Hidden Executable Files

In Linux, the name of a hidden file starts with a dot .. Hidden executable files are not allowed in the system. Note that . and . are not hidden files. They refer to the current directory and upper-level directory, respectively. The .bashrc, .bashprofile, and .bashlogout files are script files us...

Malicious code in telepycore (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c3dcd0a2a8162a703ef9d7b90566e4c55116a7f4f4d3b8759ca0d2640acd4ee4 Package can only be used requires additional triggering to install a remote executable, ensure it starts on logon and name mimic network service. Though...

MAL-2025-191889 Malicious code in telepycore (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c3dcd0a2a8162a703ef9d7b90566e4c55116a7f4f4d3b8759ca0d2640acd4ee4 Package can only be used requires additional triggering to install a remote executable, ensure it starts on logon and name mimic network service. Though...

GHSA-88XG-V53P-FPVF YesWiki Remote Code Execution via Arbitrary PHP File Write and Execution

Summary An arbitrary file write can be used to write a file with a PHP extension, which then can be browsed to in order to execute arbitrary code on the server. All testing was performed on a local docker setup running the latest version of the application. PoC Proof of Concept Navigate to...

SAP NetWeaver Unrestricted File Upload Vulnerability

SAP NetWeaver Visual Composer Metadata Uploader contains an unrestricted file upload vulnerability that allows an unauthenticated agent to upload potentially malicious executable binaries...

VMware Spring Boot < 2.7.25, 3.0.x < 3.1.16, 3.2.x < 3.2.14, 3.3.x < 3.3.11, 3.4.x < 3.4.5 Matcher Vulnerability - Windows

VMware Spring Boot is prone to a matcher vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vmware:springboot";...

Formidable relies on hexoid to prevent guessing of filenames for untrusted executable content

Formidable aka node-formidable 2.x before 2.1.3 and 3.x before 3.5.3 relies on hexoid to prevent guessing of filenames for untrusted executable content; however, hexoid is documented as not "cryptographically secure." Also, there is a scenario in which only the last two characters of a hexoid...

DEBIAN-CVE-2025-46653

Formidable aka node-formidable 2.1.0 through 3.x before 3.5.3 relies on hexoid to prevent guessing of filenames for untrusted executable content; however, hexoid is documented as not "cryptographically secure." Also, there is a scenario in which only the last two characters of a hexoid string nee...

CVE-2025-46653

Formidable aka node-formidable 2.1.0 through 3.x before 3.5.3 relies on hexoid to prevent guessing of filenames for untrusted executable content; however, hexoid is documented as not "cryptographically secure." Also, there is a scenario in which only the last two characters of a hexoid string nee...

CVE-2025-31324

SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availabili...

CVE-2025-46653

Formidable aka node-formidable 2.1.0 through 3.x before 3.5.3 relies on hexoid to prevent guessing of filenames for untrusted executable content; however, hexoid is documented as not "cryptographically secure." Also, there is a scenario in which only the last two characters of a hexoid string nee...

Malicious code in tensorflowlitex (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c4b20463291f0bcc715ff6daffb6b2cc258096921b2aaf2a0b9bf96947b49b46 Importing the module init.py starts downloading and executing a remote exectuable, which has been identified by any.run and tria.ge as a malicious infostealer...

MAL-2025-191890 Malicious code in tensorflowlitex (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c4b20463291f0bcc715ff6daffb6b2cc258096921b2aaf2a0b9bf96947b49b46 Importing the module init.py starts downloading and executing a remote exectuable, which has been identified by any.run and tria.ge as a malicious infostealer...

The vulnerability of the MetadataUploader function in the Visual Composer tool of the SAP NetWeaver software integration platform allows a hacker to execute arbitrary code.

The vulnerability of the MetadataUploader function in the Visual Composer software integration platform of SAP NetWeaver lies in the ability to upload executable files without limitation. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code by sending a specially...

SAP NetWeaver Visual Composer Metadata Uploader File Upload Vulnerability

SAP NetWeaver Visual Composer Metadata Uploader is a tool for modeling assistance from SAP. A file upload vulnerability exists in SAP NetWeaver Visual Composer Metadata Uploader. The vulnerability is due to an unauthenticated agent uploading potentially malicious executable binaries because the...

CVE-2025-31324

CVE-2025-31324 affects SAP NetWeaver Visual Composer Metadata Uploader (VCFRAMEWORK). Unauthenticated uploads to /developmentserver/metadatauploader allow remote code execution with SAP service user privileges (RCE in VCFRAMEWORK) and can compromise confidentiality, integrity, and availability. C...