15 matches found
EUVD-2016-0355
Malware in sbrugna...
EUVD-2021-21697
Malware in sbrugna...
EUVD-2024-54573
Malicious code in bioql PyPI...
CVE-2024-6769
A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integri...
CVE-2024-45987
Projectworld Online Voting System Version 1.0 is vulnerable to Cross Site Request Forgery CSRF via voter.php. This vulnerability allows an attacker to craft a malicious link that, when clicked by an authenticated user, automatically submits a vote for a specified party without the user's consent ...
RCLocals - Linux Startup Analyzer
Inspired by 'Autoruns' from Sysinternals, RCLocals analyzes all Linux startup possibilities to find backdoors, also performs process integrity verification, scan for DLL injected processes and much more Things covered: ·List GPG keys trusted by the system ·Installed Packages ·File integrity...
CVE-2021-35052
A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High...
Design/Logic Flaw
A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High...
CVE-2021-35052
A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High...
CVE-2021-35052
Summary: CVE-2021-35052 concerns Kaspersky Password Manager. The connected ZDI advisory states the flaw exists in the Kaspersky Password Manager Service and arises from execution with unnecessary privileges, enabling local attackers to escalate from medium to high integrity by running code in the...
Kaspersky Password Manager 安全漏洞
Kaspersky Password Manager is an application from the Russian company Kaspersky. It provides a function to manage passwords. A security vulnerability exists in Kaspersky Password Manager that allows an attacker to increase the process integrity level from medium to high...
(0Day) Microsoft Print 3D PLY File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Print 3D. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
ICS Attackers Set To Inflict More Damage With Evolving Tactics
Future attacks on industrial control system ICS networks may inflict even more damage in the long run, according to new research. Analysts expect them to evolve from attacks that have immediate, direct impact to those with multiple stages and attack vectors that are more stealthy. While it remain...
Microsoft Internet Explorer 远程代码执行漏洞(CVE-2013-3186)(MS13-059)
BUGTRAQ ID: 61663 CVECAN ID: CVE-2013-3186 Windows Internet Explorer,简称MSIE,是微软公司推出的一款网页浏览器。 Internet Explorer处理特定情况下的进程完整性级别分配存在权限提升漏洞,攻击者可利用此漏洞用提升的权限执行任意代码。 0 Microsoft Internet Explorer 6 - 10 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS13-059)以及相应补丁: MS13-059:Cumulative Security Update...
CVE-2013-3186
The Protected Mode feature in Microsoft Internet Explorer 7 through 10 on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly implement the Integrity Access Level aka IL protection mechanism, which allows remote...