50 matches found
PT-2026-4356
Name of the Vulnerable Software and Affected Versions Schneider Electric EcoStruxure Process Expert versions prior to 2025 Description An incorrect default permissions issue can lead to privilege escalation via a reverse shell. A local user with normal privileges can modify executable service...
CISA and NSA Issue Urgent Guidance to Secure WSUS and Microsoft Exchange Servers
The U.S. Cybersecurity and Infrastructure Security Agency CISA and National Security Agency NSA, along with international partners from Australia and Canada, have released guidance to harden on-premise Microsoft Exchange Server instances from potential exploitation. "By restricting administrative...
EUVD-2018-7465
Malware in sbrugna...
EUVD-2018-18077
Malware in sbrugna...
Regsvr32.exe (.sct) Command Delivery Server
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Regsvr32.exe .sct Command Delivery Server', 'Description' = %q This module uses the Regsvr32.exe Application Whitelisting Bypass technique as a w...
Google Chrome 109.0.5414.74 - Code Execution via missing lib file Vulnerability
Exploit Title: Google Chrome 109.0.5414.74 - Code Execution via missing lib file Ubuntu Product: Google Chrome Discovered by: Rafay Baloch and Muhammad Samak Version: 109.0.5414.74 Impact: Moderate Company: Cyber Citadel Website: https://www.cybercitadel.com Tested-on : Ubuntu 22.04.1 Description...
Google Chrome 109.0.5414.74 - Code Execution via missing lib file (Ubuntu)
Exploit Title: Google Chrome 109.0.5414.74 - Code Execution via missing lib file Ubuntu Product: Google Chrome Discovered by: Rafay Baloch and Muhammad Samak Version: 109.0.5414.74 Impact: Moderate Company: Cyber Citadel Website: https://www.cybercitadel.com Tested-on : Ubuntu 22.04.1 Description...
Google Chrome 109.0.5414.74 Unsafe Library Load Vulnerability
Google Chrome version 109.0.5414.74 on Ubuntu attempts to load libnssckbi.so from a user-writable location and if missing, a replacement piece of malware can be used by an attacker to achieve code execution. Although privilege escalation is not likely as an attacker would already need access to t...
fapolicyd bug fix update
An update is available for fapolicyd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The fapolicyd software framework introduces a form of application...
fapolicyd bug fix and enhancement update
An update is available for fapolicyd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The fapolicyd software framework introduces a form of application...
fapolicyd bug fix and enhancement update
An update is available for fapolicyd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The fapolicyd software framework introduces a form of application...
fapolicyd bug fix and enhancement update
An update is available for fapolicyd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The fapolicyd software framework introduces a form of application...
Fedora: Security Advisory for fapolicyd (FEDORA-2022-47a86f6258)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 35 Update: fapolicyd-1.1.2-1.fc35
Fapolicyd File Access Policy Daemon implements application whitelisting to decide file access rights. Applications that are known via a reputation source are allowed access while unknown applications are not. The daemon makes use of the kernel's fanotify interface to determine file access rights...
Moderate: Red Hat Security Advisory: fapolicyd security and bug fix update
An update for fapolicyd is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...
RLSA-2022:1898 Moderate: fapolicyd security, bug fix, and enhancement update
Fapolicyd File Access Policy Daemon implements application whitelisting to decide file access rights. Applications that are known via a reputation source are allowed access while unknown applications are not. The daemon makes use of the kernel's fanotify interface to determine file access rights...
Moderate: fapolicyd security, bug fix, and enhancement update
Fapolicyd File Access Policy Daemon implements application whitelisting to decide file access rights. Applications that are known via a reputation source are allowed access while unknown applications are not. The daemon makes use of the kernel's fanotify interface to determine file access rights...
ALSA-2022:1898 Moderate: fapolicyd security, bug fix, and enhancement update
Fapolicyd File Access Policy Daemon implements application whitelisting to decide file access rights. Applications that are known via a reputation source are allowed access while unknown applications are not. The daemon makes use of the kernel's fanotify interface to determine file access rights...
Cybercriminals Swarm Windows Utility Regsvr32 to Spread Malware
A Windows living-off-the-land binary LOLBin known as Regsvr32 is seeing a big uptick in abuse of late, researchers are warning, mainly spreading trojans like Lokibot and Qbot. LOLBins are legitimate, native utilities used daily in various computing environments, that cybercriminals use to evade...
CVE-2020-10125
NCR SelfServ ATMs running APTRA XFS 04.02.01 and 05.01.00 implement 512-bit RSA certificates to validate bunch note acceptor BNA software updates, which can be broken by an attacker with physical access in a sufficiently short period of time, thereby enabling the attacker to sign arbitrary files...