QuickBooks popup scam still being delivered via Google ads

Accounting software QuickBooks, by Intuit, is a popular target for India-based scammers, only rivaled for top spot by the classic Microsoft tech support scams. We've seen two main lures, both via Google ads: the first one is simply a website promoting online support for QuickBooks and shows a pho...

The vulnerability of the executable file vish2.exe in the software environment allows for the exploitation of Siemens ModelSim and Questa hardware devices. This enables a perpetrator to gain elevated privileges and execute arbitrary code.

The vulnerability of the executable file vish2.exe in the software environment for verifying and simulating Siemens ModelSim and Questa hardware devices is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges and...

MAL-2024-12212 Malicious code in backwwii (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cf5e7427061483e779c53f125b5792b2e650261bcdca0a9f4d90e9ca883c04d0 When importing the module, the obfuscated code downloads and runs a remote executable --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

Malicious code in backwwii (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cf5e7427061483e779c53f125b5792b2e650261bcdca0a9f4d90e9ca883c04d0 When importing the module, the obfuscated code downloads and runs a remote executable --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

Siemens SIPORT MP 安全漏洞

SIPORT is a comprehensive, modular and reliable system for access control and time management in the Monitoring Access Suite. An elevation of privilege vulnerability exists in Siemens SIPORT, which can be exploited by a local attacker with an unprivileged account to overwrite or modify the servic...

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

Description Name : CVE-2023-38831 CVSS Score : 7.8...

CVE-2024-50592

CVE-2024-50592 describes a local privilege escalation in HASOMED Elefant software, via a race condition in the Elefant Update Service during repair/update. An attacker with local access can exploit the window between copying vulnerable executables to a user-writable folder (C:\Elefant1) and the f...

The vulnerability of the TeamViewer_service.exe executable file of the remote control software allows a hacker to gain increased privileges.

The vulnerability of the TeamViewerservice.exe executable file of the remote control software involves incorrect verification of the cryptographic signature. Exploiting this vulnerability can allow attackers to increase their privileges...

CVE-2024-51736

Symphony process is a module for the Symphony PHP framework which executes commands in sub-processes. On Windows, when an executable file named cmd.exe is located in the current working directory it will be called by the Process class when preparing command arguments, leading to possible hijackin...

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection by replacing cmd.exe or placing a fake one in the working directory, which will be executed by ExecutableFinder.php when preparing command arguments. Note: This vulnerability only affects applications running on...

Symfony 命令注入漏洞

Symfony is a PHP framework for web and console applications and a set of reusable PHP components from Symfony, Inc. Symfony suffers from a command injection vulnerability that originates from the presence of an executable file named cmd.exe in the current working directory, which could lead to...

WordPress mFolio Lite plugin <= 1.2.1 - Missing Authorization to Authenticated (Author+) File Upload via EXE and SVG Files vulnerability

Missing Authorization to Authenticated Author+ File Upload via EXE and SVG Files vulnerability discovered by Francesco Carlucci in WordPress Plugin mFolio Lite versions = 1.2.1...

Remote Code Execution (RCE)

pyloadng is vulnerable to Remote Code Execution RCE. The vulnerability is due to insufficient restrictions on the /.pyload/scripts folder, allowing executable files to run automatically when certain actions, like completing a download, are triggered. Attackers can exploit this by downloading an...

kernel: ELF: fix kernel.randomize_va_space double read

In the Linux kernel, the following vulnerability has been resolved: ELF: fix kernel.randomizevaspace double read ELF loader uses "randomizevaspace" twice. It is sysctl and can change at any moment, so 2 loads could see 2 different values in theory with unpredictable consequences. Issue exactly on...

RHEL 5 : kernel (RHSA-2017:2802)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:2802 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: A flaw was found in the way the Linux kernel...

The vulnerability of the AcTranslators.exe executable file of the AutoCAD simulation, design, and drafting software allows a perpetrator to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.

The vulnerability of the AcTranslators.exe executable file of the AutoCAD modeling, design, and drafting software relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

CVE-2024-30149

HCL AppScan Source = 10.6.0 does not properly validate a TLS/SSL certificate for an executable...

CVE-2024-30149

CVE-2024-30149 affects HCL AppScan Source versions 10.6.0 and earlier, with a root cause of improper validation of a TLS/SSL certificate for an executable. Public sources consistently state the issue in the AppScan Source

HCL AppScan 安全漏洞

HCL AppScan is a suite of dynamic analysis testing tools from HCL Corporation, USA, which is primarily used for Web security testing. A security vulnerability exists in HCL AppScan version 10.6.0 and prior versions that stems from not properly validating the TLS/SSL certificate of an executable...

CVE-2024-8591

A maliciously crafted 3DM file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Heap-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process...