MAL-2025-191783 Malicious code in logguru (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 64b91d48504c05711a759a1cb2a0bfd63650f47d05d04296bbea6269ed4229b4 Malicious clone of a legitimate "loguru" package. There is added code to download and run an executable. Sandbox analysis reveals attempts to steal browsers da...

Malicious code in logguru (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 64b91d48504c05711a759a1cb2a0bfd63650f47d05d04296bbea6269ed4229b4 Malicious clone of a legitimate "loguru" package. There is added code to download and run an executable. Sandbox analysis reveals attempts to steal browsers da...

Malicious code in discord-selfsbotsx (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b56aa48c0654abd06a9d624b8c1b5ab4ce170399068d97b994bb4d63635bf18a Once run, package downloads and installs an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

MAL-2025-191718 Malicious code in discord-selfsbotsx (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b56aa48c0654abd06a9d624b8c1b5ab4ce170399068d97b994bb4d63635bf18a Once run, package downloads and installs an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

CVE-2025-66266

The RupsMon.exe service executable in UPSilon 2000 has insecure permissions, allowing the 'Everyone' group Full Control. A local attacker can replace the executable with a malicious binary to execute code with SYSTEM privileges or simply change the config path of the service to a command; startin...

CVE-2025-66264

The CMService.exe service runs with SYSTEM privileges and contains an unquoted service path. This allows a local attacker with write privileges to the filesystem to insert a malicious executable in the path, leading to privilege escalation...

Open-Xchange OX App Suite 安全漏洞

Open-Xchange OX App Suite is a productivity application suite from Open-Xchange Germany. A security vulnerability exists in Open-Xchange OX App Suite that originates from malicious email content executable script code that could lead to the disclosure of sensitive information...

CVE-2025-66266

The RupsMon.exe service executable in UPSilon 2000 has insecure permissions, allowing the 'Everyone' group Full Control. A local attacker can replace the executable with a malicious binary to execute code with SYSTEM privileges or simply change the config path of the service to a command; startin...

CVE-2025-66266 Insecure SYSTEM Service Permissions in UPSilon2000V6.0 (RupsMon.exe) leading to trivial Local Privilege Escalation

The RupsMon.exe service executable in UPSilon 2000 has insecure permissions, allowing the 'Everyone' group Full Control. A local attacker can replace the executable with a malicious binary to execute code with SYSTEM privileges or simply change the config path of the service to a command; startin...

CVE-2025-66266

CVE-2025-66266 concerns the RupsMon.exe service executable in UPSilon 2000. The vulnerability stems from insecure permissions that grant the Everyone group Full Control, enabling a local attacker to replace the binary with a malicious one to execute code with SYSTEM privileges or to alter the ser...

EUVD-2025-199688

The RupsMon.exe service executable in UPSilon 2000 has insecure permissions, allowing the 'Everyone' group Full Control. A local attacker can replace the executable with a malicious binary to execute code with SYSTEM privileges or simply change the config path of the service to a command; startin...

CVE-2025-66265

CMService.exe creates the C:\usr directory and subdirectories with insecure permissions, granting write access to all authenticated users. This allows attackers to replace configuration files such as snmp.conf or hijack DLLs to escalate privileges...

CVE-2025-66264

CVE-2025-66264 describes an unquoted service path in the CMService.exe service that runs with SYSTEM privileges, enabling a local attacker who has filesystem write access to place a malicious executable in the path and escalate privileges. The issue affects the UPSilon2000V6.0-related service as ...

EUVD-2025-199668

The CMService.exe service runs with SYSTEM privileges and contains an unquoted service path. This allows a local attacker with write privileges to the filesystem to insert a malicious executable in the path, leading to privilege escalation...

PT-2025-48122

The RupsMon.exe service executable in UPSilon 2000 has insecure permissions, allowing the 'Everyone' group Full Control. A local attacker can replace the executable with a malicious binary to execute code with SYSTEM privileges or simply change the config path of the service to a command; startin...

EUVD-2024-55101

In RSA Authentication Agent before 7.4.7, service paths and shortcut paths may be vulnerable to path interception if the path has one or more spaces and is not surrounded by quotation marks. An adversary can place an executable in a higher-level directory of the path, and Windows will resolve tha...

📄 B2B Hospitality Travel CMS 1.11 Shell Upload

B2B Hospitality Travel CMS version 1.11 suffers from a remote shell upload vulnerability. ============================================================================================================================================= | Title : B2B Hospitality Travel CMS 1.11 Remote File Upload...

CVE-2024-47856

In RSA Authentication Agent before 7.4.7, service paths and shortcut paths may be vulnerable to path interception if the path has one or more spaces and is not surrounded by quotation marks. An adversary can place an executable in a higher-level directory of the path, and Windows will resolve tha...

CVE-2024-47856

In RSA Authentication Agent before 7.4.7, service paths and shortcut paths may be vulnerable to path interception if the path has one or more spaces and is not surrounded by quotation marks. An adversary can place an executable in a higher-level directory of the path, and Windows will resolve tha...

EUVD-2025-198965

The update mechanism in Xtooltech Xtool AnyScan Android Application 4.40.40 and prior is insecure. The application downloads and extracts update packages containing executable code without performing a cryptographic integrity or authenticity check on their contents. An attacker who can control th...