CVE-2024-57394 – Qi-ANXIN Tianqing Endpoint Security Management System DLL Hijacking Vulnerability

April 21, 2025

CVE ID : CVE-2024-57394

Published : April 21, 2025, 6:15 p.m. | 47 minutes ago

Description : The quarantine – restore function in Qi-ANXIN Tianqing Endpoint Security Management System v10.0 allows user to restore a malicious file to an arbitrary file path. Attackers can write malicious DLL to system path and perform privilege escalation by leveraging Windows DLL hijacking vulnerabilities.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-27086 – Hewlett Packard Enterprise HPE Performance Cluster Manager (HPCM) Authentication Bypass Vulnerability

Next Article CVE-2025-28102 – FlaskBlog XSS

Highlights

CVE-2025-37889 – XEN PCI MSI NULL Pointer Dereference Vulnerability

May 9, 2025

CVE ID : CVE-2025-37889

Published : May 9, 2025, 7:16 a.m. | 4 hours, 51 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

PCI/MSI: Handle the NOMASK flag correctly for all PCI/MSI backends

The conversion of the XEN specific global variable pci_msi_ignore_mask to a
MSI domain flag, missed the facts that:

1) Legacy architectures do not provide a interrupt domain
2) Parent MSI domains do not necessarily have a domain info attached

Both cases result in an unconditional NULL pointer dereference. This was
unfortunatly missed in review and testing revealed it late.

Cure this by using the existing pci_msi_domain_supports() helper, which
handles all possible cases correctly.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2024-57394 – Qi-ANXIN Tianqing Endpoint Security Management System DLL Hijacking Vulnerability

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

CVE-2025-43852 – Apache Retrieval-based-Voice-Conversion-WebUI Deserialization Remote Code Execution Vulnerability

CISA adds Yii Framework and Commvault bugs to KEV Catalog

CVE-2024-22653 – Yasm NULL Pointer Dereference Vulnerability

CVE-2025-6185 – Leviton AcquiSuite and Energy Monitoring Hub Cross-Site Scripting (XSS)

CVE-2025-37889 – XEN PCI MSI NULL Pointer Dereference Vulnerability

Stream-Omni: Simultaneous Multimodal Interactions with Large Language-Vision-Speech Model

CVE-2025-5787 – TOTOLINK X15 HTTP POST Request Handler Buffer Overflow Vulnerability

With KB5055627, Recall is finally one step closer to general availability in Windows 11

CVE-2024-57394 – Qi-ANXIN Tianqing Endpoint Security Management System DLL Hijacking Vulnerability

Related Posts