3382 matches found
EUVD-2025-9084
Malicious code in bioql PyPI...
EUVD-2022-6980
Malicious code in bioql PyPI...
EUVD-2023-27766
Malicious code in bioql PyPI...
EUVD-2022-43616
Malicious code in bioql PyPI...
EUVD-2022-47513
Malicious code in bioql PyPI...
CVE-2025-61792
Quadient DS-700 iQ devices through 2025-09-30 might have a race condition during the quick clicking of in order the Question Mark button, the Help Button, the About button, and the Help Button, leading to a transition out of kiosk mode into local administrative access. NOTE: the reporter indicate...
CVE-2025-61792
Quadient DS-700 iQ devices through 2025-09-30 might have a race condition during the quick clicking of in order the Question Mark button, the Help Button, the About button, and the Help Button, leading to a transition out of kiosk mode into local administrative access. NOTE: the reporter indicate...
pptp-vpn 访问控制错误漏洞
pptp-vpn is a VPN client for iHongRen Personal Developer. An access control error vulnerability exists in pptp-vpn version 1.0 and 1.0.1. The vulnerability stems from a lack of authentication in the function shouldAcceptNewConnection in the file HelpTool/HelperTool.m in the XPC Service component,...
Researchers Expose Phishing Threats Distributing CountLoader and PureRAT
A new campaign has been observed impersonating Ukrainian government agencies in phishing attacks to deliver CountLoader , which is then used to drop Amatera Stealer and PureMiner. "The phishing emails contain malicious Scalable Vector Graphics SVG files designed to trick recipients into opening...
SolarWinds Web Help Desk < 12.8.7 Hotfix 1 Unsafe Deserialization
The version of Solarwinds Web Help Desk installed on the remote host is prior to 12.8.7 Hotfix 1. It is, therefore, affected by an unsafe deserialization vulnerability. - SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution...
Malicious Package
Overview giffgaff-help-site is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2025-47555 Malicious code in giffgaff-help-site (npm)
The package giffgaff-help-site was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d70e7af856cf858476096655334fe528a25eb4262ac3c438c7797794e7ec9bb3 Any computer that has this package installed or running should be considered fully...
CVE-2025-26399
SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability is a patch bypass of CVE-2024-28988, which in turn is a patc...
SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw
SolarWinds has released hot fixes to address a critical security flaw impacting its Web Help Desk software that, if successfully exploited, could allow attackers to execute arbitrary commands on susceptible systems. The vulnerability, tracked as CVE-2025-26399 CVSS score: 9.8, has been described ...
Exploit for CVE-2025-26399
CVE-2025-26399 How does this detection method work? This...
CVE-2025-26399
SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability is a patch bypass of CVE-2024-28988, which in turn is a patc...
CVE-2025-26399
SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability is a patch bypass of CVE-2024-28988, which in turn is a patc...
CVE-2025-26399 SolarWinds Web Help Desk Deserialization of Untrusted Data Privilege Escalation Vulnerability
SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability is a patch bypass of CVE-2024-28988, which in turn is a patc...
CVE-2025-26399 SolarWinds Web Help Desk Deserialization of Untrusted Data Privilege Escalation Vulnerability
SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability is a patch bypass of CVE-2024-28988, which in turn is a patc...
CVE-2025-26399
SolarWinds Web Help Desk (WHD) is affected by CVE-2025-26399, an unauthenticated AjaxProxy deserialization vulnerability that enables remote code execution. This is a patch bypass of CVE-2024-28988 (and 2024-28986). In-the-wild activity and security guidance from Microsoft indicate unauthenticate...