CVE-2021-28130

Dr.Web Firewall 12.5.2.4160 on Windows incorrectly restricts applications signed by Dr.Web. A DLL for a custom payload within a legitimate binary e.g., frwlsvc.exe bypasses firewall filters...

mingw packages security and bug fix update

An update is available for mingw-binutils, mingw-bzip2, mingw-sqlite. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list MinGW is a free and open source software...

Zoom Workplace VDI Client < 6.2.12 Vulnerability (ZSB-25015)

The version of Zoom Workplace VDI Client installed on the remote host is prior to 6.2.12. It is, therefore, affected by a vulnerability as referenced in the ZSB-25015 advisory. - Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial o...

EUVD-2019-2752

Malware in sbrugna...

EUVD-2011-0154

Malware in sbrugna...

EUVD-2024-3031

Malicious code in bioql PyPI...

EUVD-2024-2310

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2016-4762

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, iCloud before 6.0 on Windows, and Safari before 10 allows remote attackers to execute arbitrary...

Linux Distros Unpatched Vulnerability : CVE-2018-4232

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTun...

SUSE CVE-2024-3566

A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied...

Exploit for CVE-2025-27210

CVE-2025-27210NodeJSPathTraversalExploiter Proof of Conce...

CVE-2024-46992

Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From versions 30.0.0-alpha.1 to before 30.0.5 and 31.0.0-alpha.1 to before 31.0.0-beta.1, Electron is vulnerable to an ASAR Integrity bypass. This only impacts apps that have the...

BIT-NODE-2024-3566 Command injection vulnerability in programing languages on Microsoft Windows operating system.

A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied...

CVE-2024-3566

A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied...

CVE-2023-41743

Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office Windows before build 40278, Acronis Cyber Protect Cloud Agent Windows before build 31637, Acronis Cyber Protect 15 Windows before build 35979,...

netty: Denial of Service attack on windows app using Netty

A flaw was found in Netty. An unsafe reading of the environment file could cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crash...

CVE-2025-27443

Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a loss of integrity via local access...

CVE-2025-30670 Zoom Workplace Apps for Windows - Null Pointer

Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access...

BIT-RUBY-MIN-2021-28966

In Ruby through 3.0 on Windows, a remote attacker can submit a crafted path when a Web application handles a parameter with TmpDir...

PT-2024-5135 · Zoom · Zoom

Name of the Vulnerable Software and Affected Versions: Zoom versions prior to 6.0.0 Description: The issue is related to a race condition error in the installer for some Zoom Apps and SDKs for Windows, which may allow an authenticated user to conduct a privilege escalation via local access. This ...