144 matches found
Design/Logic Flaw
A vulnerability in CyberLink Power Director v14 allows attackers to escalate privileges via a crafted .exe file...
CVE-2022-29333
A vulnerability in CyberLink Power Director v14 allows attackers to escalate privileges via a crafted .exe file...
CVE-2022-29333
CVE-2022-29333 affects CyberLink PowerDirector v14, enabling privilege escalation via a crafted executable. The public descriptions confirm a local escalation Vector with user interaction required and partial to high impact on confidentiality, integrity, and availability per CVSS metrics, but no ...
CVE-2022-27965
Xlpd v7.0.0094 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...
CVE-2022-27964
Xmanager v7.0.0096 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...
CVE-2022-27963
Xftp 7.0.0088p and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...
Design/Logic Flaw
Xmanager v7.0.0096 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...
Design/Logic Flaw
Xftp 7.0.0088p and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...
CVE-2022-27966
Xshell v7.0.0099 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...
CVE-2022-27963
Xftp 7.0.0088p and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...
A week in security (Oct 11 – Oct 17)
Last week on Malwarebytes Labs Google warns some users that FancyBear’s been prowling around Inside Apple: How macOS attacks are evolving The joy of phishing your employees ExpressVPN made a choice, and so did I: Lock and Code S02E19 Update now! Apple patches another privilege escalation bug in i...
Backdoor.Win32.DarkKomet.bhfh Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/66fa06a4e3e799b059910dc17de295ae.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkKomet.bhfh Vulnerability: Insecure Permissions Description: DarkKomet.bhfh create...
Malicious Package
wsbd.js is a malicious package. The package executes a malicious postinstall script which runs an exe file containing Trojan malware upon installation...
CVE-2018-15378
A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service DoS condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11" function libclamav/mew.c, which can be exploited to trigger an invalid read memory access v...
ALPINE-CVE-2018-15378
A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service DoS condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11" function libclamav/mew.c, which can be exploited to trigger an invalid read memory access v...
CVE-2018-15378
A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service DoS condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11" function libclamav/mew.c, which can be exploited to trigger an invalid read memory access v...
CVE-2018-15378 Clam AntiVirus unmew11() Denial of Service Vulnerability
A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service DoS condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11" function libclamav/mew.c, which can be exploited to trigger an invalid read memory access v...
CVE-2018-15378
A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service DoS condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11" function libclamav/mew.c, which can be exploited to trigger an invalid read memory access v...
CVE-2018-15378
CVE-2018-15378 affects ClamAV versions prior to 0.100.2. The root cause is an error in the MEW unpacker, specifically in the unmew11() function of libclamav/mew.c, which can trigger an invalid memory read when processing a specially crafted EXE file. The documented impact is a Denial of Service (...
Cisco Email Security Appliance EXE File Scanning Bypass Vulnerability
A vulnerability in certain attachment detection mechanisms of Cisco Email Security Appliances ESA could allow an unauthenticated, remote attacker to bypass the filtering functionality of an affected system. The vulnerability is due to the improper detection of content within executable EXE files...