Race Condition

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Race Condition in the updateRegistry and removeRegistryEntry processes. An attacker can cause loss of updates or restoration of deleted entries by performing concurrent operations that...

EUVD-2021-22111

Malware in sbrugna...

EUVD-2021-32226

Malicious code in bioql PyPI...

CVE-2021-45460

A vulnerability has been identified in SICAM PQ Analyzer All versions V3.18. A service is started by an unquoted registry entry. As there are spaces in this path, attackers with write privilege to those directories might be able to plant executables that will run in place of the legitimate proces...

CVE-2013-5008

The agent and task-agent components in Symantec Management Platform 7.0 and 7.1 before 7.1 SP2 Mp1.1v7 rollup, as used in certain Altiris products, use the same registry-entry encryption key across different customers' installations, which makes it easier for local users to obtain sensitive...

WordPress plugin Spectra Pro 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. The WordPress plugin Spectra Pro has a...

Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2024-21150)

The Microsoft Windows Kernel is the kernel of the Windows operating system from the American company Microsoft. An information disclosure vulnerability exists in Microsoft Windows Kernel, which can be exploited by an attacker to obtain the value of a registry entry...

Microsoft Windows Kernel 安全漏洞

The Microsoft Windows Kernel is the kernel of the Windows operating system from the American company Microsoft. An information disclosure vulnerability exists in Microsoft Windows Kernel, which can be exploited by an attacker to obtain the value of a registry entry...

SUSE CVE-2020-6417

Inappropriate implementation in installer in Google Chrome prior to 80.0.3987.87 allowed a local attacker to execute arbitrary code via a crafted registry entry...

USB-based Wormable Malware Targets Windows Installer

Credit: Red Canary Wormable malware dubbed Raspberry Robin has been active since last September and is wriggling its way through USB drives onto Windows machines to use Microsoft Standard Installer and other legitimate processes to install malicious files, researchers have found. Researchers at...

Miele Benchmark Programming Tool 1.1.49 / 1.2.71 Privilege Escalation

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Privilege Escalation product: Miele Benchmark Programming Tool vulnerable version: at least 1.1.49 and 1.2.71 fixed version: 1.2.72 CVE number: CVE-2022-22521 impact:...

CVE-2021-45460

A vulnerability has been identified in SICAM PQ Analyzer All versions V3.18. A service is started by an unquoted registry entry. As there are spaces in this path, attackers with write privilege to those directories might be able to plant executables that will run in place of the legitimate proces...

Design/Logic Flaw

A vulnerability has been identified in SICAM PQ Analyzer All versions V3.18. A service is started by an unquoted registry entry. As there are spaces in this path, attackers with write privilege to those directories might be able to plant executables that will run in place of the legitimate proces...

CVE-2021-45460

A vulnerability has been identified in SICAM PQ Analyzer All versions V3.18. A service is started by an unquoted registry entry. As there are spaces in this path, attackers with write privilege to those directories might be able to plant executables that will run in place of the legitimate proces...

CVE-2021-35469

The Lexmark Printer Software G2, G3 and G4 Installation Packages have a local escalation of privilege vulnerability due to a registry entry that has an unquoted service path...

CVE-2021-35469

The Lexmark Printer Software G2, G3 and G4 Installation Packages have a local escalation of privilege vulnerability due to a registry entry that has an unquoted service path...

CVE-2021-35469

The Lexmark Printer Software G2, G3 and G4 Installation Packages have a local escalation of privilege vulnerability due to a registry entry that has an unquoted service path...

Spybrowse - Code Developed To Steal Certain Browser Config Files (History, Preferences, Etc)

Be sure to change the ftp variables throughout the code, these variables contain the username, password, & IP address of the FTP server which receives the files. This code will do the following: 1. Copy itself into the %TMP% directory & name itself ursakta.exe 2. Add a registry entry to execute...

No network connectivity on Windows 7-based or Windows Server 2008 R2-based client computers when a DHCPv6 message is sent that has a duplicated DUID

No network connectivity on Windows 7-based or Windows Server 2008 R2-based client computers when a DHCPv6 message is sent that has a duplicated DUID Symptoms Consider the following scenario: You use a DHCP unique identifier DUID as a unique identifier in a network environment. You use DUID and...

chromium-browser: Inappropriate implementation in installer

Inappropriate implementation in installer in Google Chrome prior to 80.0.3987.87 allowed a local attacker to execute arbitrary code via a crafted registry entry...