Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware

The North Korean state-sponsored hacking group known as ScarCruft aka APT37 has been observed using spear-phishing messages impersonating Microsoft Account security notifications to deliver a new malware called NarwhalRAT. "The attack email contained a message impersonating an MS account security...

📄 Microsoft Windows LNK File Remote Code Execution

This PHP script is a proof of concept exploit that demonstrates how to create a Windows LNK shortcut file that executes a PowerShell command in this example, launches calc.exe...

Yifang CMS 代码注入漏洞

Yifang CMS is a PHP enterprise website development and management system provided by Yifang Corporation. Version 2.0.5 of Yifang CMS has a code injection vulnerability. This vulnerability stems from the handling of the parameter linkName in the file DfriendLink.php, which may lead to cross-site...

PT-2026-23947

A security vulnerability has been detected in YiFang CMS 2.0.5. The affected element is the function update of the file app/db/admin/D friendLink.php. Such manipulation of the argument linkName leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed...

Metasploit Wrap-Up 10/03/2025

Windows LNK and Linux persistence This week, happybear-21 introduced four new modules that abuse Windows Shell Link LNK to execute various attacks. Three of these modules are designed to trigger authentication attempts to a remote server, facilitating the harvesting of NTLM authentication...

Microsoft Windows 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows that stems from a misleading UI when handling .LNK files, which could lead to remote code execution...

Linux Distros Unpatched Vulnerability : CVE-2018-12097

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The liblnklocationinformationreaddata function in liblnklocationinformation.c in liblnk through 2018-04-19 allows remote attackers to cause an information...

Linux Distros Unpatched Vulnerability : CVE-2023-49084

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database TSDB. While using the detected SQL Injection and...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft

CVE-2025-50154, CVE-2025-59214 Windows File Explorer Zero C...

CVE-2024-36486

A privilege escalation vulnerability exists in the virtual machine archive restoration functionality of Parallels Desktop for Mac version 20.1.1 55740. When an archived virtual machine is restored, the prlvmarchiver tool decompresses the file and writes the content back to its original location...

DEBIAN-CVE-2025-1181

A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function bfdelfgcmarkrsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather...

PT-2024-41119 · Undefined · Undefined

Уязвимость механизма обработки .LNK-файлов пользовательского интерфейса операционных систем Windows связана с ошибками представления информации пользовательским интерфейсом. Эксплуатация уязвимости может позволить нарушителю скрытно выполнить произвольные команды операционной системы путем отправ...

Directory traversal

FLIR AX8 thermal sensor cameras up to and including 1.46.16 are vulnerable to Directory Traversal due to improper access restriction. This vulnerability allows an unauthenticated, remote attacker to obtain arbitrary sensitive file contents by uploading a specially crafted symbolic link file...

CVE-2023-51127

FLIR AX8 thermal sensor cameras up to and including 1.46.16 are vulnerable to Directory Traversal due to improper access restriction. This vulnerability allows an unauthenticated, remote attacker to obtain arbitrary sensitive file contents by uploading a specially crafted symbolic link file. NOTE...

SUSE CVE-2018-12098

The liblnkdatablockread function in liblnkdatablock.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...

Path traversal

Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to git apply, a path outside the working tree can be overwritten as the user who is running git apply. A...

Vulnerability of Windows operating systems, related to errors in processing files with extensions .LNK or .PIF, allows a perpetrator to execute arbitrary code.

The vulnerability of Windows operating systems is related to errors in processing files with the extension .LNK or .PIF. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted .LNK or .PIF file...

Vulnerability of Windows operating systems, related to errors in processing files with the .LNK extension, allows a hacker to execute arbitrary code.

The vulnerability of Windows operating systems is related to errors in processing files with the extension .LNK. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted .LNK file...

Vulnerability of Windows operating systems, related to errors in processing .LNK file extensions, allowing a hacker to execute arbitrary code

The vulnerability of the Windows operating system is related to errors in processing files with the extension .LNK link files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted .LNK file...

Microsoft Windows Remote Code Execution Vulnerability (CNVD-2020-40876)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. A remote code execution vulnerability exists in Microsoft Windows, which can be exploited ...