CVE-2020-37119

Nsauditor 3.0.28 and 3.2.1.0 contains a buffer overflow vulnerability in the DNS Lookup tool that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious DNS query payload to trigger a three-byte overwrite, bypass ASLR, and execute shellcode through a...

CVE-2020-37119

Nsauditor 3.0.28 and 3.2.1.0 contains a buffer overflow vulnerability in the DNS Lookup tool that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious DNS query payload to trigger a three-byte overwrite, bypass ASLR, and execute shellcode through a...

ABB Advance Optima OPC 代码问题漏洞

ABB Advance Optima OPC is a modular analysis device from ABB. A code issue vulnerability exists in ABB Advance Optima OPC version 3.2.1.0, which is caused by the absence of quotes in the directory information of the service entry, and can be exploited by an attacker to invoke applications other...

Nsauditor 3.2.1.0 Buffer Overflow

Exploit Title: Nsauditor 3.2.1.0 - Buffer Overflow SEH+ASLR bypass 3 bytes overwrite Date: 2020-04-17 Exploit Author: Cervoise Vendor Homepage: https://www.nsauditor.com/ Software Link: https://www.nsauditor.com/downloads/nsauditorsetup.exe Version: 3.2.1.0 and 3.0.28 Tested on: Windows...

Nsauditor 3.2.1.0 - Buffer Overflow (SEH+ASLR bypass (3 bytes overwrite))

Exploit Title: Nsauditor 3.2.1.0 - Buffer Overflow SEH+ASLR bypass 3 bytes overwrite Date: 2020-04-17 Exploit Author: Cervoise Vendor Homepage: https://www.nsauditor.com/ Software Link: https://www.nsauditor.com/downloads/nsauditorsetup.exe Version: 3.2.1.0 and 3.0.28 Tested on: Windows...

IBM Cloud Automation Manager Session Fix Vulnerability

IBM Cloud Automation Manager is a multi-cloud self-service management platform from IBM USA. The platform supports the deployment of cloud infrastructure in multiple clouds. A session fix vulnerability exists in IBM Cloud Automation Manager version 3.2.1.0, which can be exploited by an attacker t...

CVE-2019-4617

IBM Cloud Automation Manager 3.2.1.0 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. This could force a user to utilize a cookie that may be known to an attacker. IBM X-Force ID: 168645...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Financial Transaction Manager for Corporate Payment Services for Multi-Platform

Summary There are multiple vulnerabilities in the IBM® Runtime Environment Java™ Version 7 or version 8 used by Financial Transaction Manager for Corporate Payment Services for Multi-Platform FTM CPS. Financial Transaction Manager for Corporate Payment Services for Multi-Platform has addressed th...

Security Bulletin: Financial Transaction Manager for Corporate Payment Services is affected by a potential cross-site request forgery vulnerability (CVE-2018-1790)

Summary IBM Financial Transaction Manager for Corporate Payment Services FTM CPS for Multi-Platform has addressed the following vulnerability. A potential cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the websit...