1626 matches found
Intelbras WIN 300/WRN 342 - Credentials Disclosure
Intelbras WIN 300 and WRN 342 devices through 2021-01-04 allows remote attackers to discover credentials by reading the defwirelesspassword line in the HTML source code. id: CVE-2021-3017 info: name: Intelbras WIN 300/WRN 342 - Credentials Disclosure author: pikpikcu severity: high description:...
CVE-2026-46655
A flaw was found in virtio-win. A low-integrity process can issue an IOCTL request to viosock.sys!VIOSockSelect with a maliciously crafted request that causes an integer overflow. This allows the process to circumvent bounds checking, resulting in a heap overflow in the NonPagedPool kernel heap...
Malicious code in ecto-spirit-win-k4n8 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bca2b14b2c93ed832aa83a138c20bc53b4e053cf282ef5878333b1f50b803e55 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ecto-win-flag-q2m7 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6344042aff547b32cf30bc456be25e1229f921217ec0d6777f470174df10792 On npm install, postinstall.js executes a harvest-and-exfiltrate chain against the installer's machine. It reads files under /app, /root, and...
Malicious Package
Overview ecto-win-flag-q2m7 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview ecto-spirit-win-k4n8 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-5691 Malicious code in ecto-spirit-win-k4n8 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bca2b14b2c93ed832aa83a138c20bc53b4e053cf282ef5878333b1f50b803e55 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5692 Malicious code in ecto-win-flag-q2m7 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6344042aff547b32cf30bc456be25e1229f921217ec0d6777f470174df10792 On npm install, postinstall.js executes a harvest-and-exfiltrate chain against the installer's machine. It reads files under /app, /root, and...
CVE-2026-45601
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-42911
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-42911
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-34335
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-45603 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
...
CVE-2026-45601 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. An attacker can exhaust system resources by sending specially crafted requests over the network, resulting in service unavailability for legitimate users. Remediation Upgrade...
CVE-2026-34335 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
...
PT-2026-47865
Name of the Vulnerable Software and Affected Versions Windows Ancillary Function Driver for WinSock affected versions not specified Description A use after free issue in the Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Use after free i...
CODESYS多款产品 安全漏洞
CODESYS Control and others are products of the German company CODESYS. CODESYS Control is a set of industrial control programming software. CODESYS is an industrial control automation software. CODESYS HMI is a visualization software. Several CODESYS products have security vulnerabilities. These...
CVE-2026-34344
Access of resource using incompatible type 'type confusion' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-41088
Access of resource using incompatible type 'type confusion' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...