43 matches found
EUVD-2022-36730
Malicious code in bioql PyPI...
CVE-2020-11977
In Apache Syncope 2.1.X releases prior to 2.1.7, when the Flowable extension is enabled, an administrator with workflow entitlements can use Shell Service Tasks to perform malicious operations, including but not limited to file read, file write, and code execution...
Linux kernel improper locking vulnerability (CNVD-2025-05376)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from an improper locking vulnerability that stems from arenamapfree on a 64k page kernel that could lead to a soft lock. The vulnerability can be exploited...
CVE-2024-29189
PyAnsys Geometry is a Python client library for the Ansys Geometry service and other CAD Ansys products. On file src/ansys/geometry/core/connection/productinstance.py, upon calling this method startprogram directly, users could exploit its usage to perform malicious operations on the current...
Google: Over 57 Nation-State Threat Groups Using AI for Cyber Operations
Over 57 distinct threat actors with ties to China, Iran, North Korea, and Russia have been observed using artificial intelligence AI technology powered by Google to further enable their malicious cyber and information operations. "Threat actors are experimenting with Gemini to enable their...
Siemens SINEC INS Session Expires Insufficiently Vulnerable
Siemens SINEC INS is a software from Siemens, Germany, that provides centralized services for network infrastructures. Siemens SINEC INS suffers from an insufficient session expiration vulnerability that can be exploited by an attacker to continue executing malicious operations after his user...
CVE-2024-29189
CVE-2024-29189 affects the PyAnsys Geometry library (ansys-geometry-core) and specifically the internal _start_program routine in src/ansys/geometry/core/connection/product_instance.py. The vulnerability arises from invoking subprocess.Popen with a shell context (shell flag enables shell executio...
Mattermost 安全漏洞
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an illegal authorization vulnerability that stems from the Jira plugin's inability to check the security level of incoming issues when processing subscriptions and to restrict...
Attack Signals Possible Return of Genesis Market, Abuses Node.js, and EV Code Signing
The Trend Micro Managed XDR team encountered malicious operations that used techniques similar to the ones used by Genesis Market, a website for facilitating fraud that was taken down in April 2023...
This Cybercrime Syndicate Pre-Infected Over 8.9 Million Android Phones Worldwide
A cybercrime enterprise known as Lemon Group is leveraging millions of pre-infected Android smartphones worldwide to carry out their malicious operations, posing significant supply chain risks. "The infection turns these devices into mobile proxies, tools for stealing and selling SMS messages,...
CVE-2023-1412 Local Privilege Escalation Vulnerability in WARP's MSI Installer
An unprivileged non-admin user can exploit an Improper Access Control vulnerability in the Cloudflare WARP Client for Windows = 2022.12.582.0 to perform privileged operations with SYSTEM context by working with a combination of opportunistic locks oplock and symbolic links which can both be creat...
K49033153: Apache Syncope vulnerabilities CVE-2018-1321 and CVE-2018-1322
Security Advisory Description CVE-2018-1321 An administrator with report and template entitlements in Apache Syncope 1.2.x before 1.2.11, 2.0.x before 2.0.8, and unsupported releases 1.0.x and 1.1.x which may be also affected, can use XSL Transformations XSLT to perform malicious operations,...
Zero-Day Remote Code Execution Vulnerability in Zimbra Collaboration Suite
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The active exploitation of an unpatched CVE-2022-41352 remote code execution RCE vulnerability found in the Zimbra Collaboration Suite ZCS. It empowers attackers to upload arbitrary files and...
Samsung score drive competition condition loophole
Samsung score drive is a driver for Samsung mobile devices. samsung score drive is vulnerable to a contention condition. The vulnerability stems from the lack of proper synchronization points and can be exploited by attackers to perform malicious operations...
CVE-2022-33691
A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow local attackers to interleave malicious operations...
GHSA-MJ73-5X75-9PHH Singularity insecure permissions
Insecure permissions 777 are set on $HOME/.singularity when it is newly created by Singularity version from 3.3.0 to 3.5.1, which could lead to an information leak, and malicious redirection of operations performed against Sylabs cloud services...
Cardiologist moonlighted as successful ransomware developer
The US has charged a 55-year-old French-Venezuelan cardiologist from Venezuela with "attempted computer intrusions and conspiracy to commit computer intrusions". This was revealed in an unsealed complaint in a federal court in Brooklyn, New York. Moises Luis Zagala Gonzales worked as a ransomware...
Double free
There is a pointer double free vulnerability in Some MIUI Services. When a function is called, the memory pointer is copied to two function modules, and an attacker can cause the pointer to be repeatedly released through malicious operations, resulting in the affected module crashing and affectin...
Samsung SMR DSP Driver Resource Management Error Vulnerability
Samsung SMR is a system patch package from South Korea's Samsung Samsung. The Samsung SMR DSP driver is vulnerable to resource management errors, which can be exploited by attackers to perform malicious operations...
Totolink A3100R Security Feature Issue Vulnerability
The TotoLink A3100R is a series of wireless routers from TotoLink, Taiwan, China.The TotoLink A3100R V5.9c.4577 is vulnerable to a security feature issue that could be exploited by attackers to hijack a valid session and perform further malicious operations...