24 matches found
MAL-2025-8066 Malicious code in @hmp/testt (npm)
The package @hmp/testt was found to contain malicious code...
Malicious code in @hmp/testt (npm)
The package @hmp/testt was found to contain malicious code...
MAL-2025-8065 Malicious code in @hmp/test (npm)
The package @hmp/test was found to contain malicious code...
Malicious code in @hmp/test (npm)
The package @hmp/test was found to contain malicious code...
Malicious code in @hmp/h-shelves (npm)
Source: ossf-package-analysis 958f7fcbcf7ccd4ad3fe9f11b3f7ac3b23da0e6f97148383aa60fd3ea258d6d8 The OpenSSF Package Analysis project identified '@hmp/h-shelves' @ 2.0.25 npm as malicious. It is considered malicious because: - The package...
MAL-2024-11162 Malicious code in @hmp/h-image-uploader (npm)
Source: ossf-package-analysis 393baa73357f44a746ebe45eb2d74ed46234f46c3cfc528b4d221c1e3f945626 The OpenSSF Package Analysis project identified '@hmp/h-image-uploader' @ 1.0.1 npm as malicious. It is considered malicious because: - The...
Malicious code in @hmp/casepaper (npm)
Source: ossf-package-analysis 8bb73fdd83484b884e5580371baf0af1553e5c9377cfb60e55600f053b470ffa The OpenSSF Package Analysis project identified '@hmp/casepaper' @ 10.0.1 npm as malicious. It is considered malicious because: - The package...
SUSE CVE-2016-1922
QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit Windows guests support is vulnerable to a null pointer dereference flaw. It occurs while doing I/O port write operations via hmp interface. In that, 'current_cpu' remains null, which leads to the null pointer dereference. A user or...
Metasploit Wrap-Up
Welcome, Little Hippo: PetitPotam. Our very own @zeroSteiner ported the PetitPotam exploit to Metasploit this week. This module leverages CVE-2021-36942, a vulnerability in the Windows Encrypting File System (EFS) API, to capture machine NTLM hashes. This uses the EfsRpcOpenFileRaw function of the...
QEMU Monitor HMP 'migrate' Command Execution
This module uses QEMU's Monitor Human Monitor Interface (HMP) TCP server to execute system commands using the migrate command. This module has been tested successfully on QEMU version 6.2.0 on Ubuntu 20.04. Module Options: msf use exploit/multi/misc/qemu_monitor_hmp_migrate_cmd_exec msf...
QEMU Monitor HMP migrate Command Execution Exploit
This Metasploit module uses QEMU's Monitor Human Monitor Interface (HMP) TCP server to execute system commands using the migrate command. This module has been tested successfully on QEMU version 6.2.0 on Ubuntu 20.04. This module requires Metasploit: https://metasploit.com/download Current source:...
QEMU Monitor HMP migrate Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "QEMU Monitor HMP 'migrate' Command Execution", 'Description' = %q This module uses QEMU's Monitor Human Monitor Interface HMP TCP server to execu...
Shanghai Zhenghang Electronic Technology Co., Ltd. 7-inch touch screen programming software has memory corruption vulnerability
Shanghai Zhenghang Electronic Technology Co., Ltd. is a high-tech enterprise dedicated to product design and development, production, sales and service in the field of industrial control. The company's 7-inch touch screen programming software has a memory corruption vulnerability; attackers can use the vulnerability to construct a malformed hmp file that can lea...
Stack Overflow Vulnerability in AH-PClink
AH-PClink is a human-machine interface software. AH-PClink suffers from a stack overflow vulnerability in the handling of hmp project files, which allows an attacker to trick a user with AH-PClink installed to open a malicious hmp file, execute malicious code on the user's system, gain control of...
HEAP OVERFLOW VULNERABILITY in WECON LeviStudio
WECON LeviStudio is a set of HMI programming software from WECON China. A heap overflow vulnerability exists in WECON LeviStudio. An attacker can exploit the vulnerability to cause a program crash by constructing a malformed hmp file. Successful exploitation could lead to arbitrary code execution...
CVE-2016-1922
QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit Windows guests support is vulnerable to a null pointer dereference flaw. It occurs while doing I/O port write operations via hmp interface. In that, 'current_cpu' remains null, which leads to the null pointer dereference. A user or...
Null pointer dereference
QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit Windows guests support is vulnerable to a null pointer dereference flaw. It occurs while doing I/O port write operations via hmp interface. In that, 'current_cpu' remains null, which leads to the null pointer dereference. A user or...
CVE-2016-1922
QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit Windows guests support is vulnerable to a null pointer dereference flaw. It occurs while doing I/O port write operations via hmp interface. In that, 'current_cpu' remains null, which leads to the null pointer dereference. A user or...
SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2016:1703-1)
qemu was updated to fix 29 security issues. These security issues were fixed: - CVE-2016-4439: Avoid OOB access in 53C9X emulation (bsc#980711) - CVE-2016-4441: Avoid OOB access in 53C9X emulation (bsc#980723) - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation (bsc#981266) - CVE-2015-8817: Avo...
Security update for qemu (important)
qemu was updated to fix 29 security issues. These security issues were fixed: - CVE-2016-4439: Avoid OOB access in 53C9X emulation (bsc#980711) - CVE-2016-4441: Avoid OOB access in 53C9X emulation (bsc#980723) - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation (bsc#981266) - CVE-2015-8817: Avoi...