
6687 matches found

Positive Technologies
added 2025/12/29 12:0 a.m. | 3 views

PT-2025-53758

Name of the Vulnerable Software and Affected Versions BinUtils version 2.26 Description A buffer overflow issue exists in the gnu_special function within the cplus-dem.c file. This can lead to a denial of service through the processing of specially crafted PE files. Recommendations Update to a...

7.5 CVSS | 7 AI score | 0.00086 EPSS
Exploits: 1 | References: 9
Tenable Nessus
added 2025/12/29 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-66866

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in function d_abi_tags in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file...

7.5 CVSS | 6.1 AI score | 0.00019 EPSS
Exploits: 2 | References: 4
Tenable Nessus
added 2025/12/29 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-66865

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file...

7.5 CVSS | 6.1 AI score | 0.00117 EPSS
Exploits: 1 | References: 4
CNNVD
added 2025/12/29 12:0 a.m. | 1 view

GNU BinUtils Security Vulnerability

GNU BinUtils is a collection of programming tools for working with binary files from the US GNU community. A security vulnerability exists in GNU BinUtils version 2.26, which stems from the improper handling of specially crafted PE files by the d_unqualified_name function in the cp-demangle.c file,...

2.5 CVSS | 6 AI score | 0.00023 EPSS
Exploits: 1 | References: 1
Vulnrichment
added 2025/12/29 12:0 a.m. | 1 view

CVE-2025-66865

An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file...

6.3 AI score | 0.00117 EPSS
Exploits: 1 | References: 1
OSSF Malicious Packages
added 2025/12/28 7:49 p.m. | 4 views

Malicious code in cryptozip (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 157ea6b1f1c3d4ed5564c494db770e9156f3e269f12cefec6e4270085a762f26 During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...

7.3 AI score
Exploits: 0 | References: 4
OSSF Malicious Packages
added 2025/12/27 9:41 a.m. | 5 views

Malicious code in extrazip (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f58777710463b043a0724ad1d7999807501b56667a10eced314fd036e9303fdf During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...

7.3 AI score
Exploits: 0 | References: 4
OSV
added 2025/12/27 9:41 a.m. | 3 views

MAL-2025-192948 Malicious code in extrazip (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f58777710463b043a0724ad1d7999807501b56667a10eced314fd036e9303fdf During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...

7.2 AI score
Exploits: 0 | References: 4
OSV
added 2025/12/25 10:16 a.m. | 2 views

CLSA-2025-1766657780 Fix CVE(s): CVE-2025-1181

SECURITY UPDATE: memory corruption when processing relocations for ELF files - debian/patches/CVE-2025-1181.patch: prevent illegal memory access when checking relocs in a corrupt ELF binary - CVE-2025-1181...

5.1 CVSS | 6.4 AI score | 0.00117 EPSS
Exploits: 1 | References: 1
OSSF Malicious Packages
added 2025/12/24 10:45 p.m. | 5 views

Malicious code in envtoolsx (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8718f9207ffeca355720b0d4a59cc778fabe7879fc354837d655affac6a82321 Importing the module, downloads and starts a malicious executable identified as infostealer. Based on Telegram links, this is related to the 2025-12-synium...

7 AI score
Exploits: 0 | References: 3
OSV
added 2025/12/24 10:45 p.m. | 1 view

MAL-2025-192929 Malicious code in envtoolsx (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8718f9207ffeca355720b0d4a59cc778fabe7879fc354837d655affac6a82321 Importing the module, downloads and starts a malicious executable identified as infostealer. Based on Telegram links, this is related to the 2025-12-synium...

7 AI score
Exploits: 0 | References: 3
NVD
added 2025/12/24 8:15 p.m. | 1 view

CVE-2019-25245

Ross Video DashBoard 8.5.1 contains an elevation of privileges vulnerability that allows authenticated users to modify executable files due to improper permission settings. Attackers can exploit the 'M' or 'C' flags for 'Authenticated Users' group to replace the DashBoard.exe binary with a...

8.8 CVSS | 0.00037 EPSS
Exploits: 1 | References: 3
CVE
added 2025/12/24 7:27 p.m. | 7 views

CVE-2019-25245

Ross Video DashBoard 8.5.1 has an elevation-of-privileges vulnerability where authenticated users can replace the DashBoard.exe binary due to improper permissions. The issue arises from the ability of the M/C flags for the Authenticated Users group to modify executables, enabling a local attacker...

8.8 CVSS | 6.3 AI score | 0.00037 EPSS
Exploits: 1 | References: 3
Vulnrichment
added 2025/12/24 7:27 p.m. | 2 views

CVE-2019-25245 Ross Video DashBoard 8.5.1 Privilege Escalation via Insecure Permissions

Ross Video DashBoard 8.5.1 contains an elevation of privileges vulnerability that allows authenticated users to modify executable files due to improper permission settings. Attackers can exploit the 'M' or 'C' flags for 'Authenticated Users' group to replace the DashBoard.exe binary with a...

8.8 CVSS | 6.3 AI score | 0.00037 EPSS
Exploits: 1 | References: 3
Cvelist
added 2025/12/24 7:27 p.m. | 20 views

CVE-2019-25245 Ross Video DashBoard 8.5.1 Privilege Escalation via Insecure Permissions

Ross Video DashBoard 8.5.1 contains an elevation of privileges vulnerability that allows authenticated users to modify executable files due to improper permission settings. Attackers can exploit the 'M' or 'C' flags for 'Authenticated Users' group to replace the DashBoard.exe binary with a...

8.8 CVSS | 0.00037 EPSS
Exploits: 1 | References: 3
Positive Technologies
added 2025/12/24 12:0 a.m. | 3 views

PT-2025-53331

Name of the Vulnerable Software and Affected Versions Ross Video DashBoard version 8.5.1 Description An elevation of privileges issue exists in Ross Video DashBoard. Authenticated users can modify executable files because of incorrect permission settings. Attackers can leverage the 'M' or 'C' fla...

8.8 CVSS | 6.6 AI score | 0.00037 EPSS
Exploits: 1 | References: 5
OSSF Malicious Packages
added 2025/12/22 2:2 p.m. | 6 views

Malicious code in unizip (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 36d788bf5be2a646474da2cb929d2b24c328cd5bbd997697780a15da181d1053 During initialization of the archive-support class, the package downloads and executes remote malicious code --- Category: MALICIOUS - The campaign has clearly...

7.1 AI score
Exploits: 0 | References: 4
RedhatCVE
added 2025/12/22 7:21 a.m. | 4 views

CVE-2023-53947

OCS Inventory NG 2.3.0.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges to system level. Attackers can place a malicious executable in the unquoted service path and trigger the service restart to execute code with elevated system privileges...

8.5 CVSS | 7.2 AI score | 0.00015 EPSS
Exploits: 0 | References: 1
RedHat Linux
added 2025/12/22 1:38 a.m. | 2 views

os/exec: Unexpected paths returned from LookPath in os/exec

A path handling flaw has been discovered in the os/exec go package. If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath ("", ".", and "..") can result in the binaries listed in the PATH being unexpectedly returned...

6.5 CVSS | 5.7 AI score | 0.00044 EPSS
Exploits: 1 | References: 8
Positive Technologies
added 2025/12/22 12:0 a.m. | 3 views

PT-2025-52695

Name of the Vulnerable Software and Affected Versions Wondershare MirrorGo version 2.0.11.346 Description Wondershare MirrorGo version 2.0.11.346 has a local privilege escalation issue. Incorrect file permissions on executable files allow unprivileged local users to replace the ElevationService.e...

8.5 CVSS | 7.2 AI score | 0.00016 EPSS
Exploits: 0 | References: 6