AMD Server Software and Embedded Chipset Driver Vulnerabilities Identified in Windows® Environments

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2026-0432| Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.|...

CVE-2026-33227

Improper validation and restriction of a classpath path name vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ Web, Apache ActiveMQ. In two instances when creating a Stomp consumer and also browsing messages in the Web console an authenticated...

PT-2026-5318

The Icinga PowerShell Framework provides configuration and check possibilities to ensure integration and monitoring of Windows environments. In versions prior to 1.13.4, 1.12.4, and 1.11.2, permissions of the Icinga for Windows certificate directory grant every user read access, which results in...

CISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. Systems

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday released details of a backdoor named BRICKSTORM that has been put to use by state-sponsored threat actors from the People's Republic of China PRC to maintain long-term persistence on compromised systems. "BRICKSTORM is a...

EUVD-2003-0513

Malware in sbrugna...

EUVD-2007-6669

Malware in sbrugna...

EUVD-2024-50521

Malicious code in bioql PyPI...

CVE-2024-53268

Joplin is an open source, privacy-focused note taking app with sync capabilities for Windows, macOS, Linux, Android and iOS. In affected versions attackers are able to abuse the fact that openExternal is used without any filtering of URI schemes to obtain remote code execution in Windows...

Domain Escalation – PrintNightmare

Printers are part of every corporate infrastructure therefore Windows environments they have a number of embedded drivers installed. The Print Spooler spoolsv.exe service is responsible… Continue reading - Domain Escalation - PrintNightmare...

Universal Privilege Escalation and Persistence – Printer

The Print Spooler is responsible to manage and process printer jobs. It runs as a service with SYSTEM level privileges on windows environments. Abuse of… Continue reading - Universal Privilege Escalation and Persistence - Printer...

Dumping RDP Credentials

Administrators typically use Remote Desktop Protocol RDP in order to manage Windows environments remotely. It is also typical RDP to be enabled in systems that… Continue reading - Dumping RDP Credentials...

Dumping RDP Credentials

Administrators typically use Remote Desktop Protocol RDP in order to manage Windows environments remotely. It is also typical RDP to be enabled in systems that… Continue reading - Dumping RDP Credentials...

Lateral Movement – RDP

The Remote Desktop Protocol RDP is widely used across internal networks by Administrators. This allows systems owners and admins to manage Windows environments remotely. However RDP can give various opportunities to an attacker to conduct attacks that can be used for lateral movement in red team...

Summit Computer Networks Lil' HTTP Server 2.1/2.2 pbcgi.cgi Cross Site Scripting

No description provided by source. source: http://www.securityfocus.com/bid/5211/info Lil' HTTP server is a web server application for Windows environments and is maintained by Summit Computer Networks. It is possible for attackers to construct a URL to the 'pbcgi.cgi' script which includes...

ArGoSoft 1.8 Mail Server Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5144/info ArGoSoft Mail Server is an STMP, POP3 and Finger server for Microsoft Windows environments. ArGoSoft has a built in web server to enable remote access to mail. A directory traversal issue has been reported in th...

Summit Computer Networks Lil' HTTP Server 2 URLCount.CGI HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5115/info Lil' HTTP server is a web server application for Windows environments and is maintained by Summit Computer Networks. Reportedly, Lil' HTTP Server is vulnerable to HTML injection attacks. The vulnerability is...

DNS Poisoning via Port Exhaustion

Hey, Today we are releasing a very interesting whitepaper which describes a DNS poisoning attack against stub resolvers. It discloses two vulnerabilities: 1. A vulnerability in Java CVE-2011-3552, CVE-2010-4448 which enables remote DNS poisoning using Java applets. This vulnerability can be...

CVE-2003-0519

Certain versions of Internet Explorer 5 and 6, in certain Windows environments, allow remote attackers to cause a denial of service freeze via a URL to C:\aux MS-DOS device name and possibly other devices...

CVE-2003-0519

Certain versions of Internet Explorer 5 and 6, in certain Windows environments, allow remote attackers to cause a denial of service freeze via a URL to C:\aux MS-DOS device name and possibly other devices...

Summit Computer Networks Lil' HTTP Server 2.1/2.2 - 'pbcgi.cgi' Cross-Site Scripting

source: https://www.securityfocus.com/bid/5211/info Lil' HTTP server is a web server application for Windows environments and is maintained by Summit Computer Networks. It is possible for attackers to construct a URL to the 'pbcgi.cgi' script which includes scripting code to execute in a user's...