5 matches found
MAL-2025-20935 Malicious code in free-fortnite-vbucks-in-march-2023-updated-and-working-rekgek (npm)
The package free-fortnite-vbucks-in-march-2023-updated-and-working-rekgek was found to contain malicious code...
CVE-2023-26490
mailcow is a dockerized email package, with multiple containers linked in one bridged network. The Sync Job feature - which can be made available to standard users by assigning them the necessary permission - suffers from a shell command injection. A malicious user can abuse this vulnerability to...
CVE-2023-21457
Improper access control vulnerability in Bluetooth prior to SMR Mar-2023 Release 1 allows attackers to send file via Bluetooth without related permission...
CVE-2023-26490 mailcow is vulnerable to shell command injection via xoauth2 authentication in imapsync
mailcow is a dockerized email package, with multiple containers linked in one bridged network. The Sync Job feature - which can be made available to standard users by assigning them the necessary permission - suffers from a shell command injection. A malicious user can abuse this vulnerability to...
KB5004442: Windows DCOM Server Security Feature Bypass Registry Check (CVE-2021-26414)
The remote Windows DCOM Server may be in a vulnerable state to exploitation by having the HKLM\Software\Microsoft\Ole\AppCompat\RequireIntegrityActivationAuthenticationLevel registry value set to 0. Hardening changes in DCOM were required for CVE-2021-26414 and were implemented in 2 phases on Jun...