Linux Distros Unpatched Vulnerability : CVE-2026-42171

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NSIS Nullsoft Scriptable Install System 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain...

UBUNTU-CVE-2026-42171

NSIS Nullsoft Scriptable Install System 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges if they can cause myGetTempFileName to return 0, as shown in the references...

CVE-2026-42171

NSIS Nullsoft Scriptable Install System 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges if they can cause myGetTempFileName to return 0, as shown in the references...

CVE-2026-42171

NSIS Nullsoft Scriptable Install System 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges if they can cause myGetTempFileName to return 0, as shown in the references...

NSIS 代码问题漏洞

NSIS is an open-source tool developed by NSIS Development for creating Windows installation programs. In versions 3.06.1 to 3.12 of NSIS, there were code vulnerabilities. These vulnerabilities stemmed from the use of a low-IL temporary directory when executed as SYSTEM, allowing local attackers t...

Fake Huorong security site infects users with ValleyRAT

A convincing lookalike of the popular Huorong Security antivirus has been used to deliver ValleyRAT, a sophisticated Remote Access Trojan RAT built on the Winos4.0 framework, to users who believed they were improving their security. The campaign, attributed to the Silver Fox APT group—a...

Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group

A China-linked threat actor known as Lotus Blossom has been attributed with medium confidence to the recently discovered compromise of the infrastructure hosting Notepad++. The attack enabled the state-sponsored hacking group to deliver a previously undocumented backdoor codenamed Chrysalis to...

EUVD-2006-3530

Malware in sbrugna...

EUVD-1999-1542

Malware in sbrugna...

EUVD-2004-2375

Malware in sbrugna...

EUVD-2007-1226

Malware in sbrugna...

EUVD-2002-0196

Malware in sbrugna...

EUVD-2008-3427

Malware in sbrugna...

EUVD-2006-3529

Malware in sbrugna...

EUVD-2008-3553

Malware in sbrugna...

EUVD-2015-9110

Malware in sbrugna...

EUVD-2023-41280

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-37378

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nullsoft Scriptable Install System NSIS before 3.09 mishandles access control for an uninstaller directory. CVE-2023-37378 Note that Nessus relies on the presen...

Linux Distros Unpatched Vulnerability : CVE-2025-43715

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nullsoft Scriptable Install System NSIS before 3.11 on Windows allows local users to escalate privileges to SYSTEM during an installation, because the temporary...

CVE-2025-43715

Nullsoft Scriptable Install System NSIS before 3.11 on Windows allows local users to escalate privileges to SYSTEM during an installation, because the temporary plugins directory is created under %WINDIR%\temp and unprivileged users can place a crafted executable file by winning a race condition...