6692 matches found
CVE-2024-47856
In RSA Authentication Agent before 7.4.7, service paths and shortcut paths may be vulnerable to path interception if the path has one or more spaces and is not surrounded by quotation marks. An adversary can place an executable in a higher-level directory of the path, and Windows will resolve tha...
CVE-2024-47856
In RSA Authentication Agent before 7.4.7, service paths and shortcut paths may be vulnerable to path interception if the path has one or more spaces and is not surrounded by quotation marks. An adversary can place an executable in a higher-level directory of the path, and Windows will resolve tha...
RSA Authentication Agent 安全漏洞
RSA Authentication Agent is a remote access request authentication software from RSA Corporation. A security vulnerability exists in RSA Authentication Agent versions prior to 7.4.7 that stems from a path interception issue that could lead to the execution of an unexpected executable file...
Malicious code in minizip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 33ba100525dffc7a828e4b7384f862ff22dfb55d2e7d61a34c0d31ecdff64c10 During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
MAL-2025-191792 Malicious code in minizip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 33ba100525dffc7a828e4b7384f862ff22dfb55d2e7d61a34c0d31ecdff64c10 During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
MAL-2025-191918 Malicious code in uuzip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 bbfdf99ece618455cadb15bcd6d0d6a93707bd72278a58834e74eb88094279ee During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
Malicious code in uuzip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 bbfdf99ece618455cadb15bcd6d0d6a93707bd72278a58834e74eb88094279ee During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
Malicious code in mzip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cfa6ef3ee944ed5eef4429c7c9ec9488d9c2c70be6435ee1019851527272a9e4 During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
MAL-2025-191799 Malicious code in mzip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cfa6ef3ee944ed5eef4429c7c9ec9488d9c2c70be6435ee1019851527272a9e4 During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
Malicious code in uzip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ee20087db4a86ce68765ba8046732e8f1fc906c58a0303e836429a63788dc97f During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
os/exec: Unexpected paths returned from LookPath in os/exec
A path handling flaw has been discovered in the os/exec go package. If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...
CVE-2025-13433
A security flaw has been discovered in Muse Group MuseHub 2.1.0.1567. The affected element is an unknown function of the file C:\Program Files\WindowsApps\Muse.MuseHub2.1.0.1567x64rb9pth70m6nz6\Muse.Updater.exe of the component Windows Service. The manipulation results in unquoted search path. Th...
EUVD-2025-198258
A security flaw has been discovered in Muse Group MuseHub 2.1.0.1567. The affected element is an unknown function of the file C:\Program Files\WindowsApps\Muse.MuseHub2.1.0.1567x64rb9pth70m6nz6\Muse.Updater.exe of the component Windows Service. The manipulation results in unquoted search path. Th...
PT-2025-47633
Name of the Vulnerable Software and Affected Versions Quark Cloud Drive version 3.23.2 Description The software contains a flaw due to insecure loading of system libraries. The application does not validate the path or signature of regsvr32.exe when loading it. An attacker could place a malicious...
Windows Persistent Service Installer
This Metasploit module will generate and upload an executable to a remote host. It will create a new service which will start the payload whenever the service is running. Admin or system privilege is required...
Mozilla Firefox < 61.0
The version of Firefox installed on the remote Windows host is prior to 61.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-15 advisory. - Mozilla developers and community members Alex Gaynor, Christoph Diehl, Christian Holler, Jason Kratzer, David Major, Jo...
CVE-2025-63916
MyScreenTools v2.2.1.0 contains a critical OS command injection vulnerability in the GIF compression tool. The application fails to properly sanitize user-supplied file paths before passing them to cmd.exe, allowing attackers to execute arbitrary system commands with the privileges of the user...
SmartPoC: Generating Executable and Validated PoCs for Smart Contract Bug Reports
Smart contracts are prone to vulnerabilities and are analyzed by experts as well as automated systems, such as static analysis and AI-assisted solutions. However, audit artifacts are heterogeneous and often lack reproducible, executable PoC tests suitable for automated validation, leading to...
Malicious code in perfviewer (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ea912a2de677fa6d9ea6dbf9a792dace4d927efd46a5cb615ba8548fec4930e8 During installation, code downloads and starts an executable and a DLL library. After starting them, files are removed from the disk. The executable has been...
MAL-2025-191814 Malicious code in perfviewer (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ea912a2de677fa6d9ea6dbf9a792dace4d927efd46a5cb615ba8548fec4930e8 During installation, code downloads and starts an executable and a DLL library. After starting them, files are removed from the disk. The executable has been...