Uncontrolled Search Path Element

Overview Affected versions of this package are vulnerable to Uncontrolled Search Path Element due to the insecure default configuration that loads configuration files from the C:\etc directory on Windows systems. An attacker can compromise confidentiality, integrity, and availability by placing...

EUVD-2005-4412

Malware in sbrugna...

EUVD-2002-1902

Malware in sbrugna...

EUVD-2023-39833

Malicious code in bioql PyPI...

Exploit for Path Traversal in Rarlab Winrar

WinRAR-CVE-2025-8088-PoC-RAR WinRAR 0day CVE-2025-8088 PoC RA...

PrivescCheck

PrivescCheck This script aims to identify Local Privilege Escalation LPE vulnerabilities that are usually due to Windows configuration issues, or bad practices. It can also gather useful information for some exploitation and post-exploitation tasks. Getting started After downloading the script an...

Jupyter Core 代码问题漏洞

Jupyter Core is a Jupyter Core feature of Jupyter Open Source. A code issue vulnerability exists in Jupyter Core versions prior to 5.8.0 that stems from searching for configuration files in the shared %PROGRAMDATA% directory on Windows, which could lead to a user creating configuration files that...

CVE-2025-24473

A exposure of sensitive system information to an unauthorized control sphere vulnerability in Fortinet FortiClientWindows 7.2.0 through 7.2.1, FortiClientWindows 7.0.13 through 7.0.14 may allow an unauthorized remote attacker to view application information via navigation to a hosted webpage, if...

CVE-2024-25728

ExpressVPN before 12.73.0 on Windows, when split tunneling is used, sends DNS requests according to the Windows configuration e.g., sends them to DNS servers operated by the user's ISP instead of to the ExpressVPN DNS servers, which may allow remote attackers to obtain sensitive information about...

PT-2025-20824 · Conda Forge +2 · Conda-Forge Openssl-Feedstock +2

Name of the Vulnerable Software and Affected Versions: conda-forge openssl-feedstock versions before 066e83c 2024-05-20 Miniforge versions before 24.5.0 Description: The issue concerns a configuration in conda-forge openssl-feedstock on Microsoft Windows, where OpenSSL uses an OPENSSLDIR file pat...

CVE-2025-26169

IXON VPN Client before 1.4.4 on Windows allows Local Privilege Escalation to SYSTEM because there is code execution from a configuration file that can be controlled by a low-privileged user. There is a race condition in which a temporary configuration file, in a world-writable directory, can be...

CVE-2025-26169

CVE-2025-26169 affects IXON VPN Client for Windows prior to 1.4.4. The issue allows Local Privilege Escalation to SYSTEM due to code execution from a configuration file that can be controlled by a low-privileged user, with a race condition that lets a temporary config file in a world-writable dir...

Configuring USB Device Auto redirection on newer Citrix workspace App for Windows

USB Device Auto redirection configuration on newer Citrix workspace App for Windows...

Design/Logic Flaw

The Crimson 3.2 Windows-based configuration tool allows users with administrative access to define new passwords for users and to download the resulting security configuration to a device. If such a password contains the percent % character, invalid values will be included, potentially truncating...

Changing the Service startup timeout (ServicesPipeTimeout) in Windows

If a service doesn't start within a set amount of time, Windows will kill it and put an error in the System event log. You might decide that you need to extend the service startup timeout. Or, if your services are complaining about a startup timeout too quickly, you might decide you need to check...

Bluewall - A Firewall Framework Designed For Offensive And Defensive Cyber Professionals

Bluewall is a firewall framework designed for offensive and defensive cyber professionals. This framework allows Cybersecurity professionals to quickly setup their environment while staying within their scope. Credit Inspired by Andrew Benson's hostfw iptable generation script. Features Bluewall...

Red Lion Controls Crimson

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Red Lion Controls Equipment: Crimson Windows configuration software Vulnerabilities: Use After Free, Improper Restriction of Operations within the Bounds of a Memory Buffer, Pointer Issues, Use of...

Configuration of DPI matching and client-side scaling with Citrix Workspace app for Windows

DPI scaling is a critical consideration when using high-resolution monitors over 1920x1080 with Citrix Virtual Apps and Desktops. Without the proper product versions and configuration, the Citrix session could be displayed at resolutions and scales that diverge from the local client configuration...

How to Manually Install and Configure Citrix Receiver for Pass-Through Authentication

Citrix Workspace app is the new universal app for all workspace services, that will encompass all Citrix clients and app capabilities over time. This article describes how to install Citrix Receiver for Windows and configure Single Sign-on authentication to XenApp/XenDesktop. After configuring...