20 matches found
CVE-2022-23611
iTunesRPC-Remastered is a Discord Rich Presence for iTunes on Windows utility. In affected versions iTunesRPC-Remastered did not properly sanitize image file paths leading to OS level command injection. This issue has been patched in commit cdcd48b. Users are advised to upgrade...
Intel System Support Utility for Windows Code Issue Vulnerability
Intel System Support Utility for Windows is a Windows platform-based system support utility from Intel Corporation USA. The program is mainly used to identify the hardware model, operating system version, and software installed on the computer. A code issue vulnerability exists in Intel System...
EUVD-2022-28580
Malicious code in bioql PyPI...
Inteset Systems Secure Lockdown Security Vulnerability
Inteset Systems Secure Lockdown is a Windows lockdown utility from Inteset Systems, Inc. Allows access to only desired applications from a highly customizable menu. A security vulnerability exists in Inteset Systems Secure Lockdown version v2.00.219, which stems from a vulnerability that allows a...
Cybercriminals Swarm Windows Utility Regsvr32 to Spread Malware
A Windows living-off-the-land binary (LOLBin) known as Regsvr32 is seeing a big uptick in abuse of late, researchers are warning, mainly spreading trojans like Lokibot and Qbot. LOLBins are legitimate, native utilities used daily in various computing environments, that cybercriminals use to evade...
Arbitrary file deletion
iTunesRPC-Remastered is a Discord Rich Presence for iTunes on Windows utility. In affected versions iTunesRPC-Remastered did not properly sanitize user input used to remove files leading to file deletion only limited by the process permissions. Users are advised to upgrade as soon as possible...
Out-of-Band Detection for Log4Shell
Log4j is the de facto logging library for all Java applications, as Log4j is used in most Java-based applications. The challenge is that Java applications that use the log4j-vulnerable library can be coded, packaged, and deployed using different methods – this introduces a challenge for detection...
CVE-2021-22980
In Edge Client version 7.2.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, and 7.1.x-7.1.8.x before 7.1.8.5, an untrusted search path vulnerability in the BIG-IP APM Client Troubleshooting Utility (CTU) for Windows could allow an attacker to load a malicious DLL library from its current directory. User...
Hackers compromised IObit forum to spread DeroHE ransomware
By Waqas. Over the weekend, Windows utility developer IObit was hacked to facilitate a widespread attack for distributing the DeroHE ransomware. This is a post from HackRead.com. Read the original post: Hackers compromised IObit forum to spread DeroHE ransomware...
North Korea-Backed Spy Group Poses as Reporters in Spearphishing Attacks, Feds Warn
The North Korean advanced persistent threat (APT) group known as Kimsuky is actively attacking commercial-sector businesses, often by posing as South Korean reporters, according to an alert from the U.S. Cybersecurity and Infrastructure Security Agency (CISA). Kimsuky (a.k.a. Hidden Cobra) has been...
Despite Ringleader’s Arrest, Cobalt Group Still Active
Evidence has surfaced that the Cobalt Group – the threat actors behind widespread attacks on banks and ATM jackpotting campaigns across Europe – is continuing to operate, despite the arrest of its accused ringleader in March. The Cobalt Group first burst on the scene in 2016: in a single night,...
MP3 Cutter 1.1.0 Registration Bypass
Document Title: MP3 Cutter 1.1.0 - Reverse Engineering Issue. Release Date: 2016-09-05. Vulnerability Disclosure Timeline: 2016-09-15: Public Disclosure. Common Vulnerability Scoring System: 6. Produ...
Core Windows Utility Can Be Used to Bypass AppLocker
A core Windows command-line utility, Regsvr32, used to register DLLs to the Windows Registry can be abused to run remote code from the Internet, bypassing whitelisting protections such as Microsoft’s AppLocker. A researcher who requested anonymity found and privately disclosed the issue to...
DomainHostingView v1.61 - Show domain hosting information
DomainHostingView is a utility for Windows that collects extensive information about a domain by using a series of DNS and WHOIS queries, and generates HTML report that can be displayed in any Web browser. The information displayed by the report of DomainHostingView includes: the hosting company ...
Netzip Classic ZIP file parsing buffer overflow
Added: 11/04/2011. BID: 46059. Background: Netzip Classic is a Windows utility for downloading and decompressing files. Problem: A buffer overflow vulnerability allows command execution when a user opens a specially crafted ZIP file and double-clicks on the file contained in it. Resolution: Do not use...
Netzip Classic ZIP file parsing buffer overflow
Added: 11/04/2011. BID: 46059. Background: Netzip Classic is a Windows utility for downloading and decompressing files. Problem: A buffer overflow vulnerability allows command execution when a user opens a specially crafted ZIP file and double-clicks on the file contained in it. Resolution: Do not use...
Microsoft Window Utility Manager Local Elevation of Privileges
Microsoft Window Utility Manager Local Elevation of Privileges July 13, 2004 Credit: This vulnerability was researched and discovered by Cesar Cerrudo. Risk Level: High Summary: A local elevation of privileges exists in the Windows Utility Manager which allows any user to take complete control ov...
Microsoft Windows Utility Manager launches applications with system privileges
Overview: The Microsoft Windows 2000 Utility Manager allows authenticated local users to launch applications with SYSTEM privileges. Description: The Microsoft Windows 2000 Utility Manager is a program that permits users to monitor and launch various accessibility applications. This program contain...
MS Windows Utility Manager Local SYSTEM Exploit (MS04-011)
Exploit for unknown platform in category local exploits. MS Windows Utility Manager Local SYSTEM Exploit MS04-011 // By Cesar Cerrudo cesar appsecinc com // Local elevation of...
Microsoft Windows Utility Manager - Local Privilege Escalation (MS04-011)
Microsoft Windows Utility Manager - Local Privilege Escalation MS04-011 // By Cesar Cerrudo cesar appsecinc com // Local elevation of privileges exploit for Windows Utility Manager // Gives you a shell with system privileges // If you have problems try changing Sleep values. include include inclu...