29 matches found
CVE-2025-7017 Avira antivirus engine heap buffer OOB read when scanning a malformed Windows MSI file
Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed Windows MSI file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before...
EUVD-2018-4963
Malware in sbrugna...
CVE-2025-10941
The CVE-2025-10941 entry concerns Topaz SERVCore Teller versions 2.14.0-RC2/2.14.1, where the vulnerability affects the Installer component (SERVCoreTeller_2.0.40D.msi). The issue is described as a local permission problem in the installer file that could enable a local privilege/permission manip...
CVE-2024-9473
A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install...
CVE-2024-9473 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install...
CVE-2024-9473 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install...
CVE-2024-9473
CVE-2024-9473 affects the Palo Alto Networks GlobalProtect App on Windows. The issue is a local privilege escalation via the MSI repair functionality used during installation, allowing a locally authenticated non-admin user to elevate to NT AUTHORITY/SYSTEM. Affected versions are GlobalProtect Ap...
Description of the security update for Microsoft OLE DB Driver 19 for SQL Server: July 9, 2024
Description of the security update for Microsoft OLE DB Driver 19 for SQL Server: July 9, 2024 Summary This security update resolves a vulnerability. To learn more about the vulnerability, see the following security advisory: CVE-2024-37334 - Microsoft OLE DB Driver for SQL Server Remote Code...
Latrodectus Malware Loader Emerges as IcedID's Successor in Phishing Campaigns
Cybersecurity researchers have observed a spike in email phishing campaigns starting early March 2024 that delivers Latrodectus, a nascent malware loader believed to be the successor to the IcedID malware. "These campaigns typically involve a recognizable infection chain involving oversized...
Description of the security update for Microsoft ODBC Driver 18 for SQL Server: April 9, 2024
Description of the security update for Microsoft ODBC Driver 18 for SQL Server: April 9, 2024 Summary This security update contains a fix and resolves vulnerabilities. To learn more about the vulnerabilities, see the following security advisories: CVE-2024-28929 - Microsoft ODBC Driver for SQL...
New Python Variant of Chaes Malware Targets Banking and Logistics Industries
Banking and logistics industries are under the onslaught of a reworked variant of a malware called Chaes. "It has undergone major overhauls: from being rewritten entirely in Python, which resulted in lower detection rates by traditional defense systems, to a comprehensive redesign and an enhanced...
CVE-2022-46291
Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to...
CVE-2022-46291
Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to...
CVE-2022-46291
Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to...
Out-of-bounds
Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to...
CVE-2022-46291
Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to...
CVE-2022-46291
Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to...
CVE-2022-46291
Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to...
CVE-2022-46291
Open Babel 3.1.1 and the master commit 530dbfa3 are affected by multiple out-of-bounds write vulnerabilities in the translationVectors parsing logic across several formats (notably MSI). The vulnerable code paths read lines, tokenize, and increment an index into translationVectors without proper ...
The vulnerability of clients for conducting real-time audio and video conferences via Zoom Client for Meetings for Windows allows a perpetrator to compromise the integrity of protected information.
The vulnerability of clients for conducting real-time audio and video conferences using the Zoom Client for Meetings for Windows involves an improper verification of the cryptographic signature. Exploiting this vulnerability can allow attackers to compromise the integrity of the protected...