Search
Keyword: ms05-051 vulnerabilities in msdtc and com could allow remote code execution 902400
\ntqxvrfh.exe (Note: %System% is the Windows system folder, which is usually C:\Windows\System32.) Autostart Technique This worm adds the following registry entries to enable its automatic execution at every
* indicates a new version of an existing rule Deep Packet Inspection Rules: Web Client Common 1011511 - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (DogWalk)
This Trojan arrives as an attachment to email messages mass-mailed by other malware/grayware or malicious users. It takes advantage of an unknown vulnerability in a certain software to allow a remote
CVE-2008-1965 Argument injection vulnerability in the cai: URI handler in rcplauncher in IBM Lotus Expeditor Client for Desktop 6.1.1 and 6.1.2, as used by Lotus Symphony and possibly other products,
Microsoft, Oracle Release Security Fixes for Zero-Day Exploits This Trojan may be downloaded by other malware/grayware from remote sites. It takes advantage of unknown vulnerabilities in certain software to
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ CLSID\{random CLSID}\InprocServer32 @ = %System%\{random_name 1}.ocx Backdoor Routine This backdoor opens a random port to allow a remote user to connect to the affected system.
File Upload Remote Code Execution Vulnerability (CVE-2021-35002) 1011498 - Identified Login Attempt With User 'disabledsystemuser' To Atlassian Confluence Server Or Data Center Web Server HTTPS 1011488
Out of bound write in Adobe Flash Player allows attackers to execute arbitrary code via unspecified vectors. Successful exploitation could result in denial of service within the security context of
CVE-2008-2811 The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or
execute the copies it drops when a user accesses the drives of an affected system. It opens a random port to allow a remote user to connect to the affected system. Once a successful connection is
of an affected system. It opens a random port to allow a remote user to connect to the affected system. Once a successful connection is established, the remote user executes commands on the affected
CVE-2013-3862 This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker convinces an authenticated
attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. Apply associated Trend Micro DPI Rules. 1007942|
CVE-2009-3671,MS09-072 Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not
This malware may be hosted on a website and run when a user accesses the said website. It takes advantage of an unknown vulnerability in a certain software to allow a remote malicious user or malware
CVE-2010-0049 Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via HTML elements
Windows SMB Server 1009511* - Microsoft Windows SMB Remote Code Execution Vulnerability (CVE-2019-0630) Integrity Monitoring Rules: 1009622* - .bash_profile and .bashrc (ATT&CK T1156) 1009629* - AppCert
usually C:\Documents and Settings\{user name}\Local Settings\Temp on Windows 2000, XP, and Server 2003, or C:\Users\{user name}\AppData\Local\Temp on Windows Vista and 7.) Autostart Technique This worm adds
port to allow a remote user to connect to the affected system. Once a successful connection is established, the remote user executes commands on the affected system. It runs certain commands that it
Enumeration Request Over SMB (ATT&CK T1049) Directory Server LDAP 1004656* - IBM Tivoli Directory Server Remote Code Execution Vulnerability (CVE-2011-1206) Web Application PHP Based 1011601 - WordPress