PT-2025-49044

Name of the Vulnerable Software and Affected Versions Thermo Fisher Torrent Suite version 5.18.1 Description The Django application within Thermo Fisher Torrent Suite has a flaw related to file uploads. The /configure/plugins/plugin/upload/zip/ and /configure/newupdates/offline/bundle/upload/ API...

CVE-2025-65806

The E-POINT CMS eagle.gsam-1169.1 file upload feature improperly handles nested archive files. An attacker can upload a nested ZIP a ZIP containing another ZIP where the inner archive contains an executable file e.g. webshell.php. When the application extracts the uploaded archives, the executabl...

CVE-2025-64778

NMIS/BioDose software V22.02 and previous versions contain executable binaries with plain text hard-coded passwords. These hard-coded passwords could allow unauthorized access to both the application and database...

CVE-2025-64642

NMIS/BioDose V22.02 and previous versions' installation directory paths by default have insecure file permissions, which in certain deployment scenarios can enable users on client workstations to modify the program executables and libraries...

os/exec: Unexpected paths returned from LookPath in os/exec

A path handling flaw has been discovered in the os/exec go package. If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...

Exploit for CVE-2025-63945

CVE-2025-63945 Tencent iOA EoP Version : before 210.9.28693...

📄 Microsoft Windows 11 Build 10.0.22631.6199 UAC Bypass

Microsoft Windows 11 build 10.0.22631.6199 proof of concept exploit for a UAC bypass vulnerability achieved via DLL injection Windows Hooking. ============================================================================================================================================= | Title :...

CVE-2025-66476

Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves...

MAL-2025-191830 Malicious code in pulsecord (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 025d4e33a2037fb9ad36cb4b08b122e4439bb4932b73ac6c6f403609e7e1c09e This package is prepared for silent execution of a malicious executable, with disabling AV protection. While there is no link to the malicious binary inside, t...

CVE-2025-64642 Mirion Medical EC2 Software NMIS BioDose Incorrect Permission Assignment for Critical Resource

NMIS/BioDose V22.02 and previous versions' installation directory paths by default have insecure file permissions, which in certain deployment scenarios can enable users on client workstations to modify the program executables and libraries...

CVE-2025-64642 Mirion Medical EC2 Software NMIS BioDose Incorrect Permission Assignment for Critical Resource

NMIS/BioDose V22.02 and previous versions' installation directory paths by default have insecure file permissions, which in certain deployment scenarios can enable users on client workstations to modify the program executables and libraries...

CVE-2025-7007

NULL Pointer Dereference vulnerability in Avast Antivirus on MacOS, Avast Anitvirus on Linux when scanning a malformed Windows PE file causes the antivirus process to crash.This issue affects Antivirus: 16.0.0; Anitvirus: 3.0.3...

Vim 代码问题漏洞

Vim is a cross-platform text editor from the Vim open source. A code issue vulnerability exists in versions prior to Vim 9.1.1947 that stems from insufficient search path control on Windows and could lead to the execution of a malicious executable...

CVE-2025-7007

NULL Pointer Dereference vulnerability in Avast Antivirus on MacOS, Avast Anitvirus on Linux when scanning a malformed Windows PE file causes the antivirus process to crash.This issue affects Antivirus: 16.0.0; Anitvirus: 3.0.3...

CVE-2025-7007 Null pointer dereference in Avast Antivirus on macOS (16.0.0) or Linux (3.0.3)

NULL Pointer Dereference vulnerability in Avast Antivirus on MacOS, Avast Anitvirus on Linux when scanning a malformed Windows PE file causes the antivirus process to crash.This issue affects Antivirus: 16.0.0; Anitvirus: 3.0.3...

CVE-2025-7007 Null pointer dereference in Avast Antivirus on macOS (16.0.0) or Linux (3.0.3)

NULL Pointer Dereference vulnerability in Avast Antivirus on MacOS, Avast Anitvirus on Linux when scanning a malformed Windows PE file causes the antivirus process to crash.This issue affects Antivirus: 16.0.0; Anitvirus: 3.0.3...

PT-2025-48495

Name of the Vulnerable Software and Affected Versions Avast Antivirus versions 16.0.0 on MacOS Avast Antivirus versions 3.0.3 on Linux Description A NULL pointer dereference issue exists in Avast Antivirus when scanning a malformed Windows PE file. This can cause the antivirus process to crash on...

Malicious code in multithreadedexecution (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3248950b032e1381ddc79d43dfdba8fb6dccce4b1afafd5825e560d793b3bd09 Once run, package downloads and installs an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

MAL-2025-191798 Malicious code in multithreadedexecution (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3248950b032e1381ddc79d43dfdba8fb6dccce4b1afafd5825e560d793b3bd09 Once run, package downloads and installs an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

Wordpress-BRUTE-FORCE-UPLOAD-SHELL

🛠️ Wordpress-BRUTE-FORCE-UPLOAD-SHELL - Simple Tool for WordPr...