6692 matches found

Tenable Nessus
added 2025/08/15 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2019-1010023

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The...

CVSS 8.8 | AI score 7.9 | EPSS 0.00293
Exploits: 1 | References: 3

OSV
added 2025/08/14 6:52 p.m. | 1 view

MAL-2025-38458 Malicious code in virus.exe (npm)

The package virus.exe was found to contain malicious code...

AI score 7.2
Exploits: 0

OSSF Malicious Packages
added 2025/08/14 6:52 p.m. | 2 views

Malicious code in virus.exe (npm)

The package virus.exe was found to contain malicious code...

AI score 7
Exploits: 0

Vulnrichment
added 2025/08/14 2:32 p.m. | 3 views

CVE-2025-8962 code-projects Hostel Management System Login Form hostel_manage.exe stack-based overflow

A vulnerability was found in code-projects Hostel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file hostelmanage.exe of the component Login Form. The manipulation of the argument uname leads to stack-based buffer overflow. Local access is required to...

CVSS 5.3 | AI score 7.3 | EPSS 0.00041
Exploits: 1 | References: 6

Cvelist
added 2025/08/14 2:32 p.m. | 7 views

CVE-2025-8962 code-projects Hostel Management System Login Form hostel_manage.exe stack-based overflow

A vulnerability was found in code-projects Hostel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file hostelmanage.exe of the component Login Form. The manipulation of the argument uname leads to stack-based buffer overflow. Local access is required to...

CVSS 5.3 | EPSS 0.00041
Exploits: 1 | References: 6

CVE
added 2025/08/14 1:52 p.m. | 14 views

CVE-2025-7973

CVE-2025-7973 affects FactoryTalk ViewPoint 14.0 and earlier. The root cause is improper handling of MSI repair operations, allowing an attacker with local access to hijack the cscript.exe console window (which runs with SYSTEM privileges) and spawn an elevated command prompt, enabling full privi...

CVSS 8.5 | AI score 7.3 | EPSS 0.00027
Exploits: 0 | References: 1

Vulnrichment
added 2025/08/14 1:52 p.m. | 2 views

CVE-2025-7973 Rockwell Automation FactoryTalk® ViewPoint Privilege Escalation Vulnerability

A security issue exists in FactoryTalk ViewPoint version 14.0 or below due to improper handling of MSI repair operations. During a repair, attackers can hijack the cscript.exe console window, which runs with SYSTEM privileges. This can be exploited to spawn an elevated command prompt, enabling fu...

CVSS 8.5 | AI score 7.3 | EPSS 0.00027
Exploits: 0 | References: 1

The Hacker News
added 2025/08/14 1:16 p.m. | 10 views

Hackers Found Using CrossC2 to Expand Cobalt Strike Beacon's Reach to Linux and macOS

Japan's CERT coordination center JPCERT/CC on Thursday revealed it observed incidents that involved the use of a command-and-control (C2) framework called CrossC2, which is designed to extend the functionality of Cobalt Strike to other platforms like Linux and Apple macOS for cross-platform system...

AI score 7
Exploits: 0

RedhatCVE
added 2025/08/14 8:29 a.m. | 3 views

CVE-2025-41686

A low-privileged local attacker can exploit improper permissions on nssm.exe to escalate their privileges and gain administrative access...

CVSS 7.8 | AI score 7.5 | EPSS 0.0002
Exploits: 0 | References: 1

CNNVD
added 2025/08/14 12:0 a.m. | 1 view

Code-Projects Hostel Management System Security Vulnerability

Hostel Management System is a hostel management system. Hostel Management System suffers from an improper authentication vulnerability that originates from a misbehavior of the file hostelmanage.exe that results in improper authentication, no details of the vulnerability are available at this tim...

CVSS 7.8 | AI score 7 | EPSS 0.00034
Exploits: 1 | References: 7

The Hacker News
added 2025/08/13 5:45 a.m. | 7 views

Charon Ransomware Hits Middle East Sectors Using APT-Level Evasion Tactics

Cybersecurity researchers have discovered a new campaign that employs a previously undocumented ransomware family called Charon to target the Middle East's public sector and aviation industry. The threat actor behind the activity, according to Trend Micro, exhibited tactics mirroring those of...

AI score 6.9
Exploits: 0

NVD
added 2025/08/12 8:15 a.m. | 2 views

CVE-2025-41686

A low-privileged local attacker can exploit improper permissions on nssm.exe to escalate their privileges and gain administrative access...

CVSS 7.8 | EPSS 0.0002
Exploits: 0 | References: 1

Cvelist
added 2025/08/12 7:37 a.m. | 4 views

CVE-2025-41686 Improper File Permissions Allow Local Privilege Escalation

A low-privileged local attacker can exploit improper permissions on nssm.exe to escalate their privileges and gain administrative access...

CVSS 7.8 | EPSS 0.0002
Exploits: 0 | References: 1

CNNVD
added 2025/08/12 12:0 a.m. | 2 views

PHOENIX CONTACT DaUM Access Control Error Vulnerability

Phoenix Contact DaUM is a device management software from Phoenix Contact, Germany. An access control error vulnerability exists in PHOENIX CONTACT DaUM that stems from improper permissions on nssm.exe, which could lead to elevated privileges...

CVSS 7.8 | AI score 6.7 | EPSS 0.0002
Exploits: 0 | References: 1

OSV
added 2025/08/11 1:51 p.m. | 3 views

BIT-LIBPYTHON-2020-15801

In Python 3.8.4, sys.path restrictions specified in a python38.pth file are ignored, allowing code to be loaded from arbitrary locations. The .pth file (e.g., the python.pth file) is not affected...

CVSS 9.8 | AI score 7.3 | EPSS 0.00617
Exploits: 0 | References: 4

OSV
added 2025/08/11 1:51 p.m. | 2 views

BIT-LIBPYTHON-2020-15523

In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4, and 3.9 through 3.9.0 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading after...

CVSS 7.8 | AI score 6.6 | EPSS 0.00085
Exploits: 0 | References: 4

Vulnrichment
added 2025/08/07 12:0 a.m. | 4 views

CVE-2025-48709 BMC Control-M/Server cleartext database credentials in process lists and logs

BMC Control-M/Server 9.0.21.300 displays cleartext database credentials in process lists and logs. An authenticated attacker with shell access could observe these credentials and use them to log in to the database server. For example, when Control-M/Server on Windows has a database connection on,...

CVSS 4.8 | AI score 6.4 | EPSS 0.00061
Exploits: 0 | References: 1

NVD
added 2025/08/04 11:15 p.m. | 2 views

CVE-2025-46094

LiquidFiles before 4.1.2 allows directory traversal by configuring the pathname of a local executable file as an Actionscript...

CVSS 3.8 | EPSS 0.00414
Exploits: 1 | References: 2

Cvelist
added 2025/08/04 12:0 a.m. | 5 views

CVE-2025-46094

LiquidFiles before 4.1.2 allows directory traversal by configuring the pathname of a local executable file as an Actionscript...

CVSS 3.8 | EPSS 0.00414
Exploits: 1 | References: 2

Vulnrichment
added 2025/08/04 12:0 a.m. | 2 views

CVE-2025-46094

LiquidFiles before 4.1.2 allows directory traversal by configuring the pathname of a local executable file as an Actionscript...

CVSS 3.8 | AI score 7 | EPSS 0.00414
Exploits: 1 | References: 2