EUVD-2015-4693

Malware in sbrugna...

Carbanak Banking Malware Resurfaces with New Ransomware Tactics

The banking malware known as Carbanak has been observed being used in ransomware attacks with updated tactics. "The malware has adapted to incorporate attack vendors and techniques to diversify its effectiveness," cybersecurity firm NCC Group said in an analysis of ransomware attacks that took...

PT-2023-15618 · Acuant · Acuant Acufill Sdk

Name of the Vulnerable Software and Affected Versions: Acuant AcuFill SDK versions prior to 10.22.02.03 Description: The issue allows a standard user to elevate privileges to full SYSTEM code execution. This is achieved through a race condition and OpLock manipulation, enabling a standard user to...

VulnCheck KEV: CVE-2018-17207

An issue was discovered in Snap Creek Duplicator before 1.2.42. By accessing leftover installer files installer.php and installer-backup.php, an attacker can inject PHP code into wp-config.php during the database setup step, achieving arbitrary code execution...

CVE-2018-17207

An issue was discovered in Snap Creek Duplicator before 1.2.42. By accessing leftover installer files installer.php and installer-backup.php, an attacker can inject PHP code into wp-config.php during the database setup step, achieving arbitrary code execution...

CVE-2018-17207

An issue was discovered in Snap Creek Duplicator before 1.2.42. By accessing leftover installer files installer.php and installer-backup.php, an attacker can inject PHP code into wp-config.php during the database setup step, achieving arbitrary code execution...

PT-2018-13948

Name of the Vulnerable Software and Affected Versions Snap Creek Duplicator versions prior to 1.2.42 Description An issue allows an attacker to inject PHP code into wp-config.php during the database setup step, achieving arbitrary code execution by accessing leftover installer files, specifically...

CVE-2015-4674

The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on Windows relies on unsigned installer files that are retrieved without use of SSL, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file...

CVE-2015-4674

The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on Windows relies on unsigned installer files that are retrieved without use of SSL, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file...