25 matches found
CVE-2026-34773
CVE-2026-34773 (Electron, Windows): The issue arises when calling app.setAsDefaultProtocolClient() with a protocol name derived from external input; the protocol name is written to HKCU\Software\Classes\ without proper validation, risking hijack of existing protocol handlers. Affected Electron ve...
CVE-2020-7821
Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by modifying the value of registry path. This can be leveraged for code execution by rebooting the victim’s PC...
EUVD-2025-36536
An issue was discovered in Prevx v3.0.5.220 allowing attackers to cause a denial of service via sending IOCTL code 0x22E044 to the pxscan.sys driver. Any processes listed under registry key HKEYLOCALMACHINE\System\CurrentControlSet\Services\pxscan\Files will be terminated...
PT-2025-41470
Name of the Vulnerable Software and Affected Versions Newforma Info Exchange NIX affected versions not specified Description Newforma Info Exchange NIX stores credentials used to configure NPCS in the registry location 'HKLMSoftwareWOW6432NodeNewformaversionCredentials'. These credentials are...
EUVD-2025-25592
Malicious code in bioql PyPI...
CVE-2025-52094
Insecure Permissions vulnerability in PDQ Smart Deploy V.3.0.2040 allows a local attacker to execute arbtirary code via the \HKLM\SYSTEM\Setup\SmartDeploy component...
CVE-2025-52094
Insecure Permissions vulnerability in PDQ Smart Deploy V.3.0.2040 allows a local attacker to execute arbtirary code via the \HKLM\SYSTEM\Setup\SmartDeploy component...
CVE-2025-52094
Insecure Permissions vulnerability in PDQ Smart Deploy V.3.0.2040 allows a local attacker to execute arbtirary code via the \HKLM\SYSTEM\Setup\SmartDeploy component...
CVE-2025-52094
Insecure Permissions vulnerability in PDQ Smart Deploy V.3.0.2040 allows a local attacker to execute arbtirary code via the \HKLM\SYSTEM\Setup\SmartDeploy component...
SUSE-SU-2025:20055-1 Security update for containerized-data-importer
This update for containerized-data-importer fixes the following issues: - Update to version 1.60.1 Release notes https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.60.1 - Add registry path for SLE15 SP7 - Bump to the latest tag 1.60.1-150600.3.9.1 - Use the images based on...
Security update for kubevirt
This update for kubevirt fixes the following issues: Update to version 1.3.1 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.3.1 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.3.0 Fix DV error report via VM printable status Fix permission error in storage...
CVE-2024-8785 WhatsUp Gold Registry Overwrite Remote Code Execution Vulnerability
In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage NmAPI.exe to create or change an existing registry value in registry path HKEYLOCALMACHINE\SOFTWARE\WOW6432Node\Ipswitch...
HrServ – Previously unknown web shell used in APT attack
Introduction In the course of our routine investigation, we discovered a DLL file, identified as hrserv.dll, which is a previously unknown web shell exhibiting sophisticated features such as custom encoding methods for client communication and in-memory execution. Our analysis of the sample led t...
CVE-2021-45460
A vulnerability has been identified in SICAM PQ Analyzer All versions V3.18. A service is started by an unquoted registry entry. As there are spaces in this path, attackers with write privilege to those directories might be able to plant executables that will run in place of the legitimate proces...
CVE-2021-35231
As a result of an unquoted service path vulnerability present in the Kiwi Syslog Server Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry. Example vulnerable path:...
CVE-2020-7821
Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by modifying the value of registry path. This can be leveraged for code execution by rebooting the victim’s PC...
CVE-2020-7821
Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by modifying the value of registry path. This can be leveraged for code execution by rebooting the victim’s PC...
Design/Logic Flaw
Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by modifying the value of registry path. This can be leveraged for code execution by rebooting the victim’s PC...
CVE-2020-7821 Tobesoft NEXACRO14/17 ExCommonApiV13 Arbitrary Code Execution Vulnerability
Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by modifying the value of registry path. This can be leveraged for code execution by rebooting the victim’s PC...
CVE-2020-7821
Nexacro14/17 ExtCommonApiV13 Library (versions prior to 2019.9.6) contains an input validation error that could allow a remote attacker to execute arbitrary code by modifying a registry path. This vulnerability is cited across multiple sources (Red Hat, CNVD, CVE listings) and is described as ena...