CVE-2024-57211

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the modifyOne parameter in the enablewsh function...

PT-2025-3409 · Totolink · Totolink X6000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A6000R version V1.0.1-B20201211.2000 Description: A command injection issue was discovered via the modifyOne parameter in the enable wsh function. This allows for potential exploitation. Recommendations: For TOTOLINK A6000R version...

CVE-2023-1003

A vulnerability, which was classified as critical, was found in Typora up to 1.5.5 on Windows. Affected is an unknown function of the component WSH JScript Handler. The manipulation leads to code injection. An attack has to be approached locally. The exploit has been disclosed to the public and m...

Code injection

A vulnerability, which was classified as critical, was found in Typora up to 1.5.5 on Windows. Affected is an unknown function of the component WSH JScript Handler. The manipulation leads to code injection. An attack has to be approached locally. The exploit has been disclosed to the public and m...

Typora 代码注入漏洞

Typora is an editor. A code injection vulnerability exists in versions prior to Typora 1.5.8, which stems from a problem with the component WSH JScript Handle that can lead to code injection...

CVE-2023-1004

A vulnerability has been found in MarkText up to 0.17.1 on Windows and classified as critical. Affected by this vulnerability is an unknown functionality of the component WSH JScript Handler. The manipulation leads to code injection. Local access is required to approach this attack. The exploit h...

CVE-2023-1004

A vulnerability has been found in MarkText up to 0.17.1 on Windows and classified as critical. Affected by this vulnerability is an unknown functionality of the component WSH JScript Handler. The manipulation leads to code injection. Local access is required to approach this attack. The exploit h...

Code injection

A vulnerability has been found in MarkText up to 0.17.1 on Windows and classified as critical. Affected by this vulnerability is an unknown functionality of the component WSH JScript Handler. The manipulation leads to code injection. Local access is required to approach this attack. The exploit h...

CVE-2023-1004 MarkText WSH JScript code injection

A vulnerability has been found in MarkText up to 0.17.1 on Windows and classified as critical. Affected by this vulnerability is an unknown functionality of the component WSH JScript Handler. The manipulation leads to code injection. Local access is required to approach this attack. The exploit h...

CVE-2023-1004 MarkText WSH JScript code injection

A vulnerability has been found in MarkText up to 0.17.1 on Windows and classified as critical. Affected by this vulnerability is an unknown functionality of the component WSH JScript Handler. The manipulation leads to code injection. Local access is required to approach this attack. The exploit h...

CVE-2023-1003 Typora WSH JScript code injection

A vulnerability, which was classified as critical, was found in Typora up to 1.5.5 on Windows. Affected is an unknown function of the component WSH JScript Handler. The manipulation leads to code injection. An attack has to be approached locally. The exploit has been disclosed to the public and m...

CVE-2023-1003

Typora (on Windows) up to v1.5.5 contains a code injection vulnerability in the WSH JScript Handler component. The issue requires local access to exploit and has been publicly disclosed. Upgrading to v1.5.8 fixes the flaw; as a temporary workaround, restrict access to the WSH JScript Handler. Aff...

Double Vision: Stealthy Malware Dropper Delivers Dual RATs

A newly discovered initial-stage malware dropper has been discovered sneaking by antivirus products, with the ultimate goal of delivering a double-pronged whammy of RevengeRAT and WSH RAT payloads onto targeted Windows machines. A FortiGuard Labs team recently captured a sample file that had been...

CVE-2018-0884

Windows Scripting Host WSH in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to how objects are handled in memory, aka "Windows Security Feature Bypass Vulnerability". This CVE is unique from...

CVE-2018-0884

Windows Scripting Host WSH in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to how objects are handled in memory, aka "Windows Security Feature Bypass Vulnerability". This CVE is unique from...

CVE-2018-0884

Technical details for CVE-2018-0884 are not publicly available in the provided documents. Monitor for updates from Microsoft MSRC and related advisories.

Security feature bypass

Windows Scripting Host WSH in Windows 10 versions 1703 and 1709 and Windows Server, version 1709 allows a Device Guard security feature bypass vulnerability due to the way objects are handled in memory, aka "Windows Security Feature Bypass Vulnerability"...

CVE-2018-0827

CVE-2018-0827 affects Windows Scripting Host (WSH) on Windows 10 versions 1703/1709 and Windows Server 1709. The vulnerability is a Device Guard/UMCI security feature bypass caused by how objects are handled in memory, enabling a local attacker who has access to run a malicious program to bypass ...

Multi Manage File Compressor

This module zips a file or a directory. On Linux, it uses the zip command. On Windows, it will try to use remote target's 7Zip if found. If not, it falls back to its Windows Scripting Host. This module requires Metasploit: https://metasploit.com/download Current source:...

Sybase EAServer 6.3.1 - Multiple Vulnerabilities

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Sybase EAServer vulnerable version: =6.3.1 fixed version: vendor did not supply version information CVE number: - impact: critical...