Lucene search
K

45 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-14304

Malware in sbrugna...

8.6CVSS8.8AI score0.0162EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-0563

Malware in sbrugna...

9.6CVSS9.2AI score0.01863EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-4588

Malware in sbrugna...

9.3CVSS7.7AI score0.02176EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-1999-0444

Malware in sbrugna...

5CVSS6.4AI score0.16237EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2022-7010

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.03207EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/05/21 6:9 p.m.8 views

CVE-1999-0444

Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files...

5CVSS7.1AI score0.16237EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/13 12:0 a.m.7 views

Microsoft Azure Connected Machine Agent 后置链接漏洞

Microsoft Azure Connected Machine Agent is a U.S.-based Microsoft company's ability to manage Windows and Linux computers hosted outside of Azure on a corporate network or other cloud provider. A backlink vulnerability exists in Microsoft Azure Connected Machine Agent. An attacker could exploit t...

7.8CVSS6.4AI score0.00632EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2024/01/05 5:16 a.m.51 views

New Bandook RAT Variant Resurfaces, Targeting Windows Machines

A new variant of remote access trojan called Bandook has been observed being propagated via phishing attacks with an aim to infiltrate Windows machines, underscoring the continuous evolution of the malware. Fortinet FortiGuard Labs, which identified the activity in October 2023, said the malware ...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/09/12 10:1 a.m.40 views

Sophisticated Phishing Campaign Deploying Agent Tesla, OriginBotnet, and RedLine Clipper

A sophisticated phishing campaign is using a Microsoft Word document lure to distribute a trifecta of threats, namely Agent Tesla, OriginBotnet, and RedLine Clipper, to gather a wide range of information from compromised Windows machines. "A phishing email delivers the Word document as an...

7AI score
Exploits0
HackRead
HackRead
added 2023/07/12 8:26 p.m.18 views

New Attack Drops LokiBot Malware Via Malicious Macros in Word Docs

By Waqas LokiBot, a notorious Trojan active since 2015, specializes in stealing sensitive information from Windows machines, posing a significant threat to user data. This is a post from HackRead.com Read the original post: New Attack Drops LokiBot Malware Via Malicious Macros in Word Docs...

6.6AI score
Exploits0
Vulnrichment
Vulnrichment
added 2022/10/25 12:0 a.m.4 views

CVE-2022-39327 Improper Control of Generation of Code ('Code Injection') in Azure CLI

Azure CLI is the command-line interface for Microsoft Azure. In versions previous to 2.40.0, Azure CLI contains a vulnerability for potential code injection. Critical scenarios are where a hosting machine runs an Azure CLI command where parameter values have been provided by an external source. T...

8.1CVSS7.8AI score0.03207EPSS
Exploits1References3
Kitploit
Kitploit
added 2022/09/12 11:30 a.m.58 views

PersistenceSniper - Powershell Script That Can Be Used By Blue Teams, Incident Responders And System Administrators To Hunt Persistences Implanted In Windows Machines

PersistenceSniper is a Powershell script that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. The script is also available on Powershell Gallery. --- The Why Why writing such a tool, you might ask. Well, for starters, I...

7.5AI score
Exploits0References8
The Hacker News
The Hacker News
added 2021/08/17 11:55 a.m.42 views

Malicious Ads Target Cryptocurrency Users With Cinobi Banking Trojan

A new social engineering-based malvertising campaign targeting Japan has been found to deliver a malicious application that deploys a banking trojan on compromised Windows machines to steal credentials associated with cryptocurrency accounts. The application masquerades as an animated porn game, ...

0.6AI score
Exploits0
The Hacker News
The Hacker News
added 2021/05/27 10:3 a.m.59 views

Hackers Using Fake Foundations to Target Uyghur Minority in China

The Uyghur community located in China and Pakistan has been the subject of an ongoing espionage campaign aiming to trick the targets into downloading a Windows backdoor to amass sensitive information from their systems. "Considerable effort was put into disguising the payloads, whether by creatin...

0.4AI score
Exploits0
ThreatPost
ThreatPost
added 2021/03/24 2:56 p.m.45 views

Purple Fox Malware Targets Windows Machines With New Worm Capabilities

A malware that has historically targeted exposed Windows machines through phishing and exploit kits has been retooled to add new “worm” capabilities. Purple Fox, which first appeared in 2018, is an active malware campaign that until recently required user interaction or some kind of third-party...

0.2AI score
Exploits0References8
Hacker One
Hacker One
added 2021/03/21 6:11 p.m.153 views

HackerOne: CSV injection in the credentials export

Summary: Hello team! We have found out that a hacker can inject malicious excel formulas into the credentials details which will be executed when program user exports the credentials details via https://hackerone.com/hackeroneh1pbbp3/credentials - export credentials and opens this CSV using MS...

0.6AI score
Exploits0
Node.js
Node.js
added 2021/02/24 2:58 a.m.50 views

Directory Traversal

Overview Impact Clients of FTP servers utilizing ftp-srv hosted on Windows machines can escape the FTP user's defined root folder using the expected FTP commands, for example, CWD and UPDR. Background When windows separators exist within the path , path.resolve leaves the upper pointers intact an...

5.5CVSS0.6AI score0.01863EPSS
Exploits1Affected Software1
NVD
NVD
added 2021/02/10 6:15 p.m.28 views

CVE-2020-26299

ftp-srv is an open-source FTP server designed to be simple yet configurable. In ftp-srv before version 4.4.0 there is a path-traversal vulnerability. Clients of FTP servers utilizing ftp-srv hosted on Windows machines can escape the FTP user's defined root folder using the expected FTP commands,...

9.6CVSS0.01863EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2020/06/04 9:12 p.m.70 views

Important: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

8.3CVSS7.4AI score0.0239EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2020/05/08 12:0 a.m.284 views

ManageEngine Asset Explorer Windows Agent Remote Code Execution

XL-2020-003 - Asset Explorer Windows Agent - Remote Code Execution =============================================================================== Identifiers ------------------------------------------------- CVE-2020-8838 XL-20-003 CVSSv3 score ------------------------------------------------- 7...

4.9CVSS0.1AI score0.01557EPSS
Exploits3
Rows per page
Query Builder