Malicious code in similix-win32-x64-msvc (npm)

The package similix-win32-x64-msvc was found to contain malicious code...

Malicious code in next-swc-win32-x64-msvc (npm)

The package next-swc-win32-x64-msvc was found to contain malicious code...

MAL-2025-32500 Malicious code in rs-thrift2ts-win32-x64-msvc (npm)

The package rs-thrift2ts-win32-x64-msvc was found to contain malicious code...

Malicious code in ostat-win32-x64-msvc (npm)

The package ostat-win32-x64-msvc was found to contain malicious code...

Malicious code in rs-thrift2ts-win32-x64-msvc (npm)

The package rs-thrift2ts-win32-x64-msvc was found to contain malicious code...

[SECURITY] Fedora 40 Update: maven-native-1.0-0.18.alpha.11.fc40

Maven Native - compile C and C++ source under Maven with compilers such as GCC, MSVC, GCJ etc...

SysWhispers3 - AV/EDR Evasion Via Direct System Calls

SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls. Why on earth didn't I create a PR to SysWhispers2? The reason for SysWhispers3 to be a standalone version are many, but the most important are: SysWhispers3 is the de-facto "fork" used by...

GHSA-69FV-GW6G-8CCG Potential memory corruption in arrayfire

The attribute repr added to enums to be compatible with C-FFI caused memory corruption on MSVC toolchain. arrayfire crates = version 3.5.0 do not have this issue when used with Rust versions 1.27 or earlier. The issue only started to appear since Rust version 1.28. The issue seems to be interlink...

Potential memory corruption in arrayfire

The attribute repr added to enums to be compatible with C-FFI caused memory corruption on MSVC toolchain. arrayfire crates = version 3.5.0 do not have this issue when used with Rust versions 1.27 or earlier. The issue only started to appear since Rust version 1.28. The issue seems to be interlink...

paradoxiaRAT - Native Windows Remote Access Tool

Paradoxia Remote Access Tool. Features Paradoxia Console Feature | Description ---|--- Easy to use | Paradoxia is extremely easy to use, So far the easiest rat! Root Shell | - Automatic Client build | Build Paradoxia Client easily with or without the icon of your choice. Multithreaded |...

Applepie - A Hypervisor For Fuzzing Built With WHVP And Bochs

Hello! Welcome to applepie! This is a tool designed for fuzzing, introspection, and finding bugs! This is a hypervisor using the Windows Hypervisor Platform API present in recent versions of Windows specifically this was developed and tested on Windows 10 17763. Bochs is used for providing deep...

Enum repr causing potential memory corruption

The attribute repr added to enums to be compatible with C-FFI caused memory corruption on MSVC toolchain. arrayfire crates = version 3.5.0 do not have this issue when used with Rust versions 1.27 or earlier. The issue only started to appear since Rust version 1.28. The issue seems to be interlink...

MinaliC Webserver 2.0.0 - Buffer Overflow (Egghunter)

Exploit for windows platform in category remote exploits !/usr/bin/env python Exploit Title: MinaliC Webserver buffer overflow egghunter Date: August 13 2013 Exploit Author: PuN1sh3r Email: email protected Vendor Homepage: http://minalic.sourceforge.net/ Version: MinaliC Webserver 2.0.0 Tested on...

VULNERABLE (3rd party) components in Adobe Reader 11.0.03, and dangling reference to Acrobat.exe

Hi @ll, the current Adobe Reader 11.0.03 installs the following VULNERABLE 3rd party components: 1. Adobe Flash Player Plugin 11.5.502.110 | X:filever.exe /S "ProgramFilesAdobenpswf.dll" | x:program filesadobereader 11.0readernpswf.dll | --a-- W32i DLL ENU 11.5.502.110 shp 14,588,632 05-11-2013...

Vulnerable Microsoft VC++ 2005 RTM runtime libraries installed with "Microsoft Security Essentials" (and numerous other Microsoft products)

Hi @ll, this is part 2 of "Defense in depth -- the Microsoft way", see http://seclists.org/fulldisclosure/2013/May/107 On Windows NT 5.x the current "Microsoft Security Essentials" v4.2 available from http://www.microsoft.com/securityessentials, and offered as optional update KB2804527 via...

FreeBSD : openoffice.org -- multiple vulnerabilities (c97d7a37-2233-11df-96dd-001b2134ef46)

OpenOffice.org Security Team reports : Fixed in OpenOffice.org 3.2 CVE-2006-4339: Potential vulnerability from 3rd party libxml2 libraries CVE-2009-0217: Potential vulnerability from 3rd party libxmlsec libraries CVE-2009-2493: OpenOffice.org 3 for Windows bundles a vulnerable version of MSVC...

OpenOffice Zaps Six Security Bugs

OpenOffice.org has shipped a new version of the desktop productivity suite to patch six vulnerabilities that could expose users to malicious hacker attacks. The flaws fixed in OpenOffice.org 3.2 could be exploited via GIF, XPM files and Microsoft Word document processing, according to an advisory...

Vulnerable MSVC++ runtime distributed with OpenOffice.org 3.1.1 for Windows

The just released latest version of OpenOffice.org 3.1.1 for Windows distributes once again a completely outdated and vulnerable MSVC++ runtime. The unpacked installation archive contains in subdirectory REDIST the installer of the "Microsoft Visual C++ 2008 Redistributable", VCRedistx86.exe, tim...

CVE-2007-0468

CVE-2007-0468 describes a stack-based buffer overflow in rcdll.dll inside msdev.exe (Visual C++ MSVC) of Microsoft Visual Studio 6.0 SP6. The vulnerability is triggered by a long file path in the RC file’s 1 TYPELIB MOVEABLE PURE option, allowing a user-assisted attacker to execute arbitrary code...

openoffice.org -- multiple vulnerabilities

OpenOffice.org Security Team reports: Fixed in OpenOffice.org 3.2 CVE-2006-4339: Potential vulnerability from 3rd party libxml2 libraries CVE-2009-0217: Potential vulnerability from 3rd party libxmlsec libraries CVE-2009-2493: OpenOffice.org 3 for Windows bundles a vulnerable version of MSVC...