Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Trend Micro Simply Security
Trend Micro Simply Securityadded 2023/01/26 12:0 a.m.21 views

New Mimic Ransomware Abuses Everything APIs for its Encryption Process

Trend Micro researchers discovered a new ransomware that abuses the APIs of a legitimate tool called Everything, a Windows filename search engine developed by Voidtools that offers quick searching and real-time updates for minimal resource usage...

3.3AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2021/07/09 5:40 a.m.2 views

voidtools "Everything" vulnerable to HTTP header injection

Overview The HTTP server of Everything provided by voidtools contains an HTTP header injection vulnerability CWE-644. Kusano Kazuhiko reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact On the web browser of a...

6.1CVSS7AI score0.00831EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2021/07/09 12:0 a.m.97 views

JVN#68971465: voidtools "Everything" vulnerable to HTTP header injection

The HTTP server of Everything provided by voidtools contains an HTTP header injection vulnerability CWE-644. Impact On the web browser of a user who accessed a website which uses the product, an arbitrary script may be executed or the displayed page may be altered. Solution Update the application...

6.1CVSS6.3AI score0.00831EPSS
Exploits0
NVD
NVDadded 2020/08/21 3:15 a.m.8 views

CVE-2020-24567

voidtools Everything before 1.4.1 Beta Nightly 2020-08-18 allows privilege escalation via a Trojan horse urlmon.dll file in the installation directory. NOTE: this is only relevant if low-privileged users can write to the installation directory, which may be considered a site-specific configuratio...

7.8CVSS7.8AI score0.00134EPSS
Exploits1References2
Prion
Prionadded 2020/08/21 3:15 a.m.6 views

Design/Logic Flaw

voidtools Everything before 1.4.1 Beta Nightly 2020-08-18 allows privilege escalation via a Trojan horse urlmon.dll file in the installation directory. NOTE: this is only relevant if low-privileged users can write to the installation directory, which may be considered a site-specific configuratio...

6.9CVSS7.7AI score0.00134EPSS
Exploits1References2Affected Software1
CVE
CVEadded 2020/08/21 2:26 a.m.53 views

CVE-2020-24567

The CVE affects voidtools Everything prior to 1.4.1 Beta Nightly 2020-08-18. A local privilege-escalation exists via a Trojan horse urlmon.dll placed in the installation directory, applicable when low-privilege users can write to that directory. The root cause is a writable installation directory...

7.8CVSS7.7AI score0.00134EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2020/08/21 2:26 a.m.15 views

CVE-2020-24567

voidtools Everything before 1.4.1 Beta Nightly 2020-08-18 allows privilege escalation via a Trojan horse urlmon.dll file in the installation directory. NOTE: this is only relevant if low-privileged users can write to the installation directory, which may be considered a site-specific configuratio...

7.8AI score0.00134EPSS
Exploits1References2
Rows per page
Query Builder