Malicious code in terminalbrush (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 35e06fb41f9c1a4f082cf49a72dec89fc5b4d2f6580b97e527d291d50807b801 Package downloads an executable, places it distinguished as a Python binary and starts it. At the time of analysis, the URL was no longer active, so it was not...

MAL-2026-444 Malicious code in terminalbrush (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 35e06fb41f9c1a4f082cf49a72dec89fc5b4d2f6580b97e527d291d50807b801 Package downloads an executable, places it distinguished as a Python binary and starts it. At the time of analysis, the URL was no longer active, so it was not...

CVE-2021-47887

OKI Print Job Accounting 4.4.10 contains an unquoted service path vulnerability in the OkiJaSvc service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Okidata\Print Job Accounting' to inject malicious executables and...

CVE-2021-47869

Brother BRAdmin Professional 3.75 contains an unquoted service path vulnerability in the BRAScheduler service that allows local users to potentially execute arbitrary code. Attackers can place a malicious executable named 'BRAdmin' in the C:\Program Files x86\Brother\ directory to gain local syst...

CVE-2021-47863

MacPaw Encrypto 1.0.1 contains an unquoted service path vulnerability in its Encrypto Service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files\Encrypto\ to inject malicious executables and escalate...

EUVD-2026-3646

OKI Configuration Tool 1.6.53 contains an unquoted service path vulnerability in the OKI Local Port Manager service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Okidata\Common\extend3\portmgrsrv.exe' to inject...

CVE-2021-47884

OKI Configuration Tool 1.6.53 contains an unquoted service path vulnerability in the OKI Local Port Manager service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Okidata\Common\extend3\portmgrsrv.exe' to inject...

CVE-2021-47883

Sandboxie Plus 0.7.2 contains an unquoted service path vulnerability in the SbieSvc service that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with LocalSystem permissions durin...

CVE-2021-47869 BRAdmin Professional 3.75 - 'BRA_Scheduler' Unquoted Service Path

Brother BRAdmin Professional 3.75 contains an unquoted service path vulnerability in the BRAScheduler service that allows local users to potentially execute arbitrary code. Attackers can place a malicious executable named 'BRAdmin' in the C:\Program Files x86\Brother\ directory to gain local syst...

EUVD-2026-3638

Brother BRAdmin Professional 3.75 contains an unquoted service path vulnerability in the BRAScheduler service that allows local users to potentially execute arbitrary code. Attackers can place a malicious executable named 'BRAdmin' in the C:\Program Files x86\Brother\ directory to gain local syst...

CVE-2021-47869 BRAdmin Professional 3.75 - 'BRA_Scheduler' Unquoted Service Path

Brother BRAdmin Professional 3.75 contains an unquoted service path vulnerability in the BRAScheduler service that allows local users to potentially execute arbitrary code. Attackers can place a malicious executable named 'BRAdmin' in the C:\Program Files x86\Brother\ directory to gain local syst...

EUVD-2026-3619

WIN-PACK PRO4.8 contains an unquoted service path vulnerability in the ScheduleService that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path in 'C:\Program Files \WINPAKPRO\ScheduleService Service.exe' to inject malicious code...

EUVD-2026-3643

MacPaw Encrypto 1.0.1 contains an unquoted service path vulnerability in its Encrypto Service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files\Encrypto\ to inject malicious executables and escalate...

EUVD-2026-3634

OSAS Traverse Extension 11 contains an unquoted service path vulnerability in the TravExtensionHostSvc service running with LocalSystem privileges. Attackers can exploit the unquoted path to inject and execute malicious code by placing executable files in the service's path, potentially gaining...

CVE-2021-47852

CVE-2021-47852 affects Rockstar Games Launcher 1.0.37.349. The issue is an insecure permission configuration on the RockstarService.exe binary, allowing authenticated users to replace it with a malicious binary, which yields a new administrator user and elevated system access. Root cause: weak pe...

Malicious code in coolpackage2323 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 dfe85cdb01cd65f379803d150e3cd9142774bda4f802120401655f71b5b7a907 During installation and importing the module, the package silently downloads malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

Rockstar Games Launcher security vulnerability

Rockstar Games Launcher is a game launcher developed by Rockstar Games, Inc. Version 1.0.37.349 of Rockstar Games Launcher has a security vulnerability. This vulnerability stems from weak permissions for the service executable file, which may lead to an elevation of privileges...

PT-2026-3821

Brother BRAdmin Professional 3.75 contains an unquoted service path vulnerability in the BRA Scheduler service that allows local users to potentially execute arbitrary code. Attackers can place a malicious executable named 'BRAdmin' in the C:Program Files x86Brother directory to gain local system...

PT-2026-3835

OKI Configuration Tool 1.6.53 contains an unquoted service path vulnerability in the OKI Local Port Manager service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:Program FilesOkidataCommonextend3portmgrsrv.exe' to inject malicious...

CVE-2025-58092

Multiple reflected cross-site scripting xss vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This...