Lucene search
+L

123 matches found

CVE
CVE
added 2022/06/20 10:15 a.m.68 views

CVE-2022-1824

McAfee Consumer Product Removal Tool (MCPR) versions prior to 10.4.128 are affected by an uncontrolled search path vulnerability that enables a local user to perform a sideloading attack via a specific filename, potentially gaining elevated privileges and executing arbitrary code due to insuffici...

8.2CVSS8.2AI score0.00348EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/06/20 12:0 a.m.4 views

PT-2022-14143 · Mcafee · Mcafee Consumer Product Removal Tool

Name of the Vulnerable Software and Affected Versions: McAfee Consumer Product Removal Tool versions prior to 10.4.128 Description: An uncontrolled search path issue could allow a local attacker to perform a sideloading attack by using a specific file name, potentially resulting in elevated...

8.2CVSS8.2AI score0.00348EPSS
Exploits0References2
Talos Blog
Talos Blog
added 2022/04/22 10:40 a.m.16 views

Threat Source newsletter (April 21, 2022) — Sideloading apps is as safe as you make it

By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. If you pay attention to the video game community as much as I do, you’ve been closely following the ongoing legal battle between Apple and Epic over the sale of “Fortnite” on the Apple App Store. I promise... This is...

1.5AI score
Exploits0
NVD
NVD
added 2021/09/22 2:15 p.m.25 views

CVE-2021-31841

A DLL sideloading vulnerability in McAfee Agent for Windows prior to 5.7.4 could allow a local user to perform a DLL sideloading attack with an unsigned DLL with a specific name and in a specific location. This would result in the user gaining elevated permissions and the ability to execute...

8.2CVSS0.00241EPSS
Exploits0References1
OSV
OSV
added 2021/09/22 2:15 p.m.5 views

CVE-2021-31841

A DLL sideloading vulnerability in McAfee Agent for Windows prior to 5.7.4 could allow a local user to perform a DLL sideloading attack with an unsigned DLL with a specific name and in a specific location. This would result in the user gaining elevated permissions and the ability to execute...

7.3CVSS6AI score0.00241EPSS
Exploits0References1
Prion
Prion
added 2021/09/22 2:15 p.m.14 views

Design/Logic Flaw

A DLL sideloading vulnerability in McAfee Agent for Windows prior to 5.7.4 could allow a local user to perform a DLL sideloading attack with an unsigned DLL with a specific name and in a specific location. This would result in the user gaining elevated permissions and the ability to execute...

6.9CVSS7.3AI score0.00241EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/09/22 1:25 p.m.32 views

CVE-2021-31841 DLL side loading vulnerability in MA for Windows

A DLL sideloading vulnerability in McAfee Agent for Windows prior to 5.7.4 could allow a local user to perform a DLL sideloading attack with an unsigned DLL with a specific name and in a specific location. This would result in the user gaining elevated permissions and the ability to execute...

8.2CVSS8.5AI score0.00241EPSS
Exploits0References1
CVE
CVE
added 2021/09/22 1:25 p.m.77 views

CVE-2021-31841

The CVE-2021-31841 entry affects McAfee Agent for Windows prior to 5.7.4. The vulnerability is a DLL sideloading flaw caused by not validating DLL signatures, allowing a local user to load an unsigned DLL from a specific location and gain elevated permissions to execute code as the SYSTEM account...

8.2CVSS7.8AI score0.00241EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2021/09/22 12:0 a.m.5 views

PT-2021-19543 · Mcafee · Mcafee Agent For Windows

Name of the Vulnerable Software and Affected Versions: McAfee Agent for Windows versions prior to 5.7.4 Description: A DLL sideloading issue could allow a local user to perform a DLL sideloading attack with an unsigned DLL with a specific name and in a specific location. This would result in the...

8.2CVSS7.4AI score0.00241EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2021/08/09 4:18 p.m.92 views

Android Malware ‘FlyTrap’ Hijacks Facebook Accounts

Researchers have uncovered a new Android trojan, dubbed FlyTrap, that’s spread to more than 10,000 victims via rigged apps on third-party app stores, sideloaded apps and hijacked Facebook accounts. In a report posted on Monday, Zimperium’s zLabs mobile threat research teams wrote that FlyTrap has...

6.9AI score
Exploits0References10
Kitploit
Kitploit
added 2021/07/09 12:30 p.m.192 views

WFH - Windows Feature Hunter

Windows Feature Hunter WFH is a proof of concept python script that uses Frida, a dynamic instrumentation toolkit, to assist in potentially identifying common “vulnerabilities” or “features” within Windows executables. WFH currently has the capability to automatically identify potential Dynamic...

7.5AI score
Exploits0References1
Microsoft Secure
Microsoft Secure
added 2020/11/30 10:30 p.m.75 views

Threat actor leverages coin miner techniques to stay under the radar – here’s how to spot them

Cryptocurrency miners are typically associated with cybercriminal operations, not sophisticated nation state actor activity. They are not the most sophisticated type of threats, which also means that they are not among the most critical security issues that defenders address with urgency. Recent...

8.4AI score
Exploits0
Oracle linux
Oracle linux
added 2020/11/17 12:0 a.m.75 views

firefox security update

78.4.1-1.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.4.1-1 - Update to 78.4.1 78.4.0-3 - Fixing flatpak build, fixing firefox.sh.in to not disable langpacks loading 78.4.0-2 - Enable addon sideloading 78.4.0-1 - Update to...

9.3CVSS0.9AI score0.42327EPSS
Exploits4
Oracle linux
Oracle linux
added 2020/11/14 12:0 a.m.85 views

firefox security update

78.4.1-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one Tue Nov 10 2020 [email protected] - 78.4.1-1 - Update to 78.4.1 - Filtering nss/nspr libs 78.4.0-3 - Fixing flatpak build, fixing firefox.sh.in to not disable langpacks loading 78.4.0-2 ...

9.3CVSS0.3AI score0.42327EPSS
Exploits4
Oracle linux
Oracle linux
added 2020/11/13 12:0 a.m.58 views

firefox security update

78.4.1-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file Tue Nov 10 2020 [email protected] - 78.4.1-1 - Update to 78.4.1 - Filtering nss/nspr libs 78.4.0-3 -...

9.3CVSS1AI score0.42327EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2020/09/09 12:0 a.m.34 views

openSUSE Security Update : MozillaFirefox (openSUSE-2020-1384)

This update for MozillaFirefox fixes the following issues : - Firefox Extended Support Release 78.2.0 ESR - Fixed: Various stability, functionality, and security fixes - Mozilla Firefox ESR 78.2 MFSA 2020-38 bsc1175686 - CVE-2020-15663 bmo1643199 Downgrade attack on the Mozilla Maintenance Servic...

9.3CVSS7.6AI score0.02716EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2020/04/17 12:0 a.m.30 views

TeamViewer Windows Service DLL Sideloading Vulnerability

A Dll sideloading vulnerability exist in TeamViewer 11 prior to 11.0.214397, TeamViewer 12 prior to 12.0.214399, TeamViewer 13 prior to 13.2.36216,TeamViewer 11 prior to 11.0.214397, on Windows could allow an attacker to perform code execution via service restart where the DLL was previously...

6.9CVSS7.1AI score0.00633EPSS
Exploits0References2
CNVD
CNVD
added 2020/02/21 12:0 a.m.6 views

Trend Micro Vulnerability Protection DLL Sideloading Vulnerability

Trend Micro Vulnerability Protection is an endpoint vulnerability protection product that provides one step faster and stronger endpoint protection. A DLL side-loading vulnerability exists in Trend Micro Vulnerability Protection 2.0. The vulnerability can be exploited by an attacker via the produ...

7.8CVSS7AI score0.00403EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2019/09/25 5:27 p.m.83 views

'Narrator' Windows Utility Trojanized to Gain Full System Control

A suspected Chinese advanced persistent threat APT group has been spotted attacking tech companies using a trojanized screen-reader application, replacing the built-in Narrator “Ease of Access” feature in Windows. According to BlackBerry Cylance, the attackers also deploy a version of the...

2.2AI score
Exploits0References3
The Hacker News
The Hacker News
added 2018/08/06 9:55 a.m.37 views

Fortnite APK Download for Android Won't Be Available on Google Play Store

There's both good news and bad news for Fortnite game lovers. Fortnite, one of the most popular games in the world right now, is coming to Android devices very soon, but players would not be able to download Fortnite APK from the Google Play Store. Instead, Epic Games software development company...

6.8AI score
Exploits0
Rows per page
Query Builder