267 matches found
CVE-2025-50124
A CWE-269: Improper Privilege Management vulnerability exists that could cause privilege escalation when the server is accessed by a privileged account via a console and through exploitation of a setup script...
CVE-2025-50124
CVE-2025-50124 affects Schneider Electric EcoStruxure IT Data Center Expert (DCE) prior to version 9.0 (8.3 and earlier). The vulnerability stems from a Charon executable/configuration that can be abused by a low-privileged attacker to gain root privileges, enabling privilege escalation via local...
PT-2025-29225 · Apache · Apache Server
Name of the Vulnerable Software and Affected Versions: Apache Server affected versions not specified Description: An Improper Privilege Management issue exists that could allow privilege escalation when the server is accessed by a privileged account via a console and through exploitation of a set...
Shr3dKit
This is a Red Team Tool Kit repository, specifically designed for penetration testing and red teaming activities. The tool kit is influenced by infosecn1nja's kit and includes a wide range of tools for reconnaissance, weaponization, and delivery. The repository contains a total size of 2.5+Gb and...
GHSA-RM69-WVPV-R2W7 Kedro allows Remote Code Execution by Pulling Micro Packages
In kedro-org/kedro version 0.19.8, the pullpackage API function allows users to download and extract micro packages from the Internet. However, the function projectwheelmetadata within the code path can execute the setup.py file inside the tar file, leading to remote code execution RCE by running...
PT-2025-6196 · Mentor Graphics · Modelsim +1
Name of the Vulnerable Software and Affected Versions: ModelSim versions prior to V2025.1 Questa versions prior to V2025.1 Description: A vulnerability has been identified that allows an authenticated local attacker to inject arbitrary code and escalate privileges. This is possible because an...
The vulnerability of the McAfee Direct Stub Installer, a component of the anti-virus protection software McAfee Total Protection, allows a perpetrator to enhance their privileges and execute arbitrary code.
The vulnerability of the McAfee Total Protection antivirus protection tool’s installation script is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...
Malicious code in bettercolorstesting (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 607fc60886a9983c22c65cd01bb93585f27b0830f203f3b3b181ff12026ea036 Packages either test the malicious behaviour, or actually download and run a simple remote script during the installation. --- Category: PROBABLYPENTEST -...
Malicious code in botoceor (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8bf39054053dfe99fc83c836bb407659d11241cc09f2572a72524d980b9c5914 During installation, a cryptominer is secretly installed and started. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
MAL-2024-12359 Malicious code in test-packages1 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5c5608702af52a2ca19f0b384036f76248848f4b4ddbe582631d85b3f5e77dca Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...
Malicious code in get-time-zzs (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 32b5c264a16b0327f601265edb8f3d69b915695ab82d184c724d5e79d32d3f11 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
Malicious code in test-tool-devdevrl-hackerone (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9ebec7caa83974b9d99d79e73ba3ba948318120279d3a5b2a97ee7efddc023ef Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
Malicious code in shiva-rao23 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 547111e4f321ae5a7e00fdb3d22ee785be4cfff6d16243510d4579232351e895 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
Malicious code in dependency00011124931 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8fa6dafeedc48e6511a70676806da412d047f7f235f471a29c98afb9931cbbf2 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
MAL-2024-12211 Malicious code in azure-projects (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 aa8974ecfad0d7fc824d50482bd3fb2954373e3b2227d1adc2220bc309c258f1 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
MAL-2024-12290 Malicious code in ibmodules (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 528799dcf6ef54776c89013435fe9dd3f4bd84ca5dd02a9defad3e9c86632e7c Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
MAL-2024-12278 Malicious code in gltest (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 538a0e3540a764042a57930b8729d61b05747d057875504da316d6ee14bf91fd Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
MAL-2024-12325 Malicious code in pitest115 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 eafda224bcd5572ef89818a64323563992432421a36cdec585dee3dc0a04469c Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
MAL-2024-12260 Malicious code in easyioctl (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 17bb7b2d6ca02c6c077bc420bf4b9136e424f53cf276f61529b19806e5bb5bca Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
MAL-2024-12334 Malicious code in python-project-wntliogu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 82bffbaa9f040ea19ff4e9fe678df68b1be71418f80fcd665ecc4f729512df19 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...