120 matches found
CVE-2026-2237
A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local users on Windows to obtain sensitive information...
Fake Purchase Order Emails Spread Fileless PureLogs Malware via RAR Archives
Hackers are using fake purchase order emails and process hollowing to deploy fileless PureLogs malware to steal Windows users' browser, crypto, and Discord data...
Fake Claude AI Installer Targets Windows Users with PlugX Malware
Fake Claude AI installer mimicking Anthropic spreads PlugX malware on Windows, using DLL sideloading to gain persistent remote access to infected systems...
New ClickFix Scam Tricks Users Into Mapping Hacker-Controlled Drives
A new ClickFix scam tricks Windows users into running hidden commands that map hacker-controlled drives and load malware…...
CVE-2025-1789
Local privilege escalation in Genetec Update Service. An authenticated, low-privileged, Windows user could exploit this vulnerability to gain elevated privileges on the affected system...
Genetec Update Service 安全漏洞
The Genetec Update Service is a patch distribution backend component of the American company Genetec. The Genetec Update Service has a security vulnerability, which stems from local privilege escalation. This vulnerability may allow low-privilege Windows users who are authenticated to gain elevat...
CVE-2025-1790
Local privilege escalation in Genetec Sipelia Plugin. An authenticated low-privileged Windows user could exploit this vulnerability to gain elevated privileges on the affected system...
Genetec Sipelia Plugin 安全漏洞
Genetec Sipelia Plugin is a communication management plugin developed by the American company Genetec. There is a security vulnerability in Genetec Sipelia, which stems from local privilege escalation. This vulnerability may allow low-privilege Windows users who are authenticated to gain elevated...
CVE-2026-25228 SignalK Server has Path Traversal leading to information disclosure
Signal K Server is a server application that runs on a central hub in a boat. Prior to 2.20.3, a path traversal vulnerability in SignalK Server's applicationData API allows authenticated users on Windows systems to read, write, and list arbitrary files and directories on the filesystem. The...
PT-2026-5731
Name of the Vulnerable Software and Affected Versions SignalK Server versions prior to 2.20.3 Description SignalK Server contains a path traversal issue in the applicationData API. Authenticated users on Windows systems can potentially read, write, and list arbitrary files and directories on the...
CVE-2021-41116
Composer is an open source dependency manager for the PHP language. In affected versions windows users running Composer to install untrusted dependencies are subject to command injection and should upgrade their composer version. Other OSs and WSL are not affected. The issue has been resolved in...
CVE-2026-20893
Origin validation error issue exists in Fujitsu Security Solution AuthConductor Client Basic V2 2.0.25.0 and earlier. If this vulnerability is exploited, an attacker who can log in to the Windows system where the affected product is installed may execute arbitrary code with SYSTEM privilege and/o...
EUVD-2025-84343
A local server-side request forgery SSRF security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to trigger outbound SMB requests, enabling the capture of NTLM hashes...
EUVD-2020-30546
Malware in sbrugna...
EUVD-2021-1294
Malware in sbrugna...
EUVD-2021-2198
Malware in sbrugna...
EUVD-2025-18871
Malicious code in bioql PyPI...
EUVD-2025-7352
Malicious code in bioql PyPI...
EUVD-2022-1419
Malicious code in bioql PyPI...
EUVD-2025-21939
Malicious code in bioql PyPI...