Exploit for CVE-2025-54313

cve-2025-54313 Checks projects for compromised packages, suspi...

PT-2024-25708 · Adobe · Dimension

Name of the Vulnerable Software and Affected Versions: Adobe Dimension versions 3.4.11 and earlier Description: The issue is an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR...

PT-2024-6645 · Adobe · Illustrator

Name of the Vulnerable Software and Affected Versions: Adobe Illustrator versions 28.5, 27.9.4 and earlier Description: The issue is related to an improper input validation that could lead to an application denial-of-service condition. An attacker could exploit this to render the application...

How to Manually Update Suspicious File List

Intended Audience This article is intended for Windows-based Veeam Backup & Replication deployments where the software cannot access the internet to automatically update the SuspiciousFiles.xml file used by the Veeam Data Analyzer Service. In environments where the Veeam Backup Server can access...

JVN#78254777: Installer of Overwolf may insecurely load Dynamic Link Libraries

Overwolf is a software framework for creating applications for games. The Overwolf Installer contains an issue with the DLL search path CWE-427, which may lead to insecurely loading Dynamic Link Libraries stored in the same directory where the installer resides. Impact Arbitrary code may be...

UAC - Unix-like Artifacts Collector

UAC is a Live Response collection tool for Incident Response that makes use of built-in tools to automate the collection of Unix-like systems artifacts. It respects the order of volatility and artifacts that are changed during the execution. It was created to facilitate and speed up data...

Convuster: macOS adware now in Rust

Introduction Traditionally, most malicious objects detected on the macOS platform are adware: besides the already familiar Shlayer family, the TOP 10 includes Bnodlero, Cimpli, Adload and Pirrit adware. As a rule, most tend to be written in C, Objective-C or Swift. Recently, however, cybercrimina...

JVN#18056666: Installer of MagicConnect Client program may insecurely load Dynamic Link Libraries

Installer of MagicConnect Client program provided by NTT TechnoCross Corporation contains a vulnerability which may lead to insecurely loading Dynamic Link Libraries CWE-427 when a terminal is connected remotely using Remote desktop. Impact Arbitrary code may be executed with the privilege of the...

The installer of SKYSEA Client View may insecurely load Dynamic Link Libraries

Overview SKYSEA Client View provided by Sky Co., LTD. is an Enterprise IT Asset Management Tool. The installer of SKYSEA Client View contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. shogo kumamaru of LAC Co.,Ltd reported this...

PT-2020-4322 · Microsoft · Outlook

Name of the Vulnerable Software and Affected Versions: Microsoft Outlook versions prior to the fixed version Description: A remote code execution issue exists in Microsoft Outlook software due to improper handling of objects in memory. This could allow an attacker to run arbitrary code in the...

Explained: cloud-delivered security

As a counterpart to security for your assets in the cloud, you may also run into solutions that offer security from the cloud. These solutions are generally referred to as cloud-delivered security. Cloud-delivered security is sometimes called security-as-a-service which we will avoid here as it...

What’s Behind the Wolters Kluwer Tax Outage?

Early in the afternoon on Friday, May, 3, I asked a friend to relay a message to his security contact at CCH, the cloud-based tax division of the global information services firm Wolters Kluwer in the Netherlands. The message was that the same file directories containing new versions of CCH's...

JVN#83826673: The installers of UNLHA32.DLL, UNARJ32.DLL and LHMelting may insecurely load Dynamic Link Libraries

The installers of UNLHA32.DLL, UNARJ32.DLL and LHMelting provided by Micco use the old version of Self-Extracting Archives created by UNLHA32.DLL. They contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427, CVE-2018-16189. Impact Arbitrary...

The installer of MARKET SPEED may insecurely load Dynamic Link Libraries

Overview The installer of MARKET SPEED provided by Rakuten Securities, Inc. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Takashi Sugawara reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

Windows IExpress Untrusted Search Path Vulnerability

This host has IExpress bundled with Microsoft Windows and is prone to an untrusted search path vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier...

Installer of ChatWork Desktop App for Windows may insecurely load Dynamic Link Libraries

Overview Installer of ChatWork Desktop App for Windows provided by ChatWork Co,. LTD. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Hamasaki Hiroki of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC...

JVN#39171169: Installer of ChatWork Desktop App for Windows may insecurely load Dynamic Link Libraries

Installer of ChatWork Desktop App for Windows provided by ChatWork Co,. LTD. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use t...

The installers of multiple CELSYS,Inc. software may insecurely load Dynamic Link Libraries

Overview The installers of multiple software provided by CELSYS,Inc. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the lates...

JVN#68345747: The installers of multiple CELSYS,Inc. software may insecurely load Dynamic Link Libraries

The installers of multiple software provided by CELSYS,Inc. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the latest install...

RedisWannaMine Unveiled: New Cryptojacking Attack Powered by Redis and NSA Exploits

Recently cryptojacking attacks have been spreading like wildfire. At Imperva we have witnessed it firsthand and even concluded that these attacks hold roughly 90% of all remote code execution attacks in web applications. Having said that, all of the attacks we have seen so far, were somewhat...