Lucene search
K

350 matches found

Fedora
Fedora
added 2023/01/12 1:53 a.m.41 views

[SECURITY] Fedora 37 Update: mingw-binutils-2.38-6.fc37

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

5.5CVSS4.5AI score0.00437EPSS
Exploits1
OpenVAS
OpenVAS
added 2023/01/12 12:0 a.m.24 views

Fedora: Security Advisory for mingw-binutils (FEDORA-2023-3d9f2bed46)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.5CVSS6AI score0.00437EPSS
Exploits1References2
Kitploit
Kitploit
added 2022/12/18 11:30 a.m.76 views

laZzzy - Shellcode Loader, Developed Using Different Open-Source Libraries, That Demonstrates Different Execution Techniques

laZzzy is a shellcode loader that demonstrates different execution techniques commonly employed by malware. laZzzy was developed using different open-source header-only libraries. Features Direct syscalls and native Nt functions not all functions but most Import Address Table IAT evasion Encrypte...

7.7AI score
Exploits0References11
Fedora
Fedora
added 2022/11/10 10:55 p.m.43 views

[SECURITY] Fedora 37 Update: mingw-binutils-2.38-5.fc37

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

6.5CVSS4.5AI score0.01089EPSS
Exploits0
Fedora
Fedora
added 2022/11/07 9:7 p.m.42 views

[SECURITY] Fedora 36 Update: mingw-binutils-2.37-5.fc36

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

6.5CVSS4.5AI score0.01089EPSS
Exploits0
The Hacker News
The Hacker News
added 2022/09/30 4:25 a.m.64 views

WARNING: New Unpatched Microsoft Exchange Zero-Day Under Active Exploitation

Security researchers are warning of previously undisclosed flaws in fully patched Microsoft Exchange servers being exploited by malicious actors in real-world attacks to achieve remote code execution on affected systems. The advisory comes from Vietnamese cybersecurity company GTSC, which...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2022/09/20 12:0 a.m.373 views

Trojan.Ransom.Ryuk.A MVID-2022-0640 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/5ac0f050f93f86e69026faea1fbb4450.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Ransom.Ryuk.A Vulnerability: Arbitrary Code Execution Description: The ransomware...

7.4AI score
Exploits0
OSV
OSV
added 2022/07/23 3:15 a.m.4 views

CVE-2022-36415

A DLL hijacking vulnerability exists in the uninstaller in Scooter Beyond Compare 1.8a through 4.4.2 before 4.4.3 when installed via the EXE installer. The uninstaller attempts to load DLLs out of a Windows Temp folder. If a standard user places malicious DLLs in the C:\Windows\Temp\ folder, and...

7.8CVSS7.2AI score0.00212EPSS
Exploits0References1
Prion
Prion
added 2022/07/23 3:15 a.m.15 views

Spoofing

A DLL hijacking vulnerability exists in the uninstaller in Scooter Beyond Compare 1.8a through 4.4.2 before 4.4.3 when installed via the EXE installer. The uninstaller attempts to load DLLs out of a Windows Temp folder. If a standard user places malicious DLLs in the C:\Windows\Temp\ folder, and...

4.4CVSS7.6AI score0.00212EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2022/07/13 12:0 a.m.12 views

Nodejs Dll hijacking vulnerability

Node.js is an open source and cross-platform JavaScript runtime environment. nodejs suffers from a Dll hijacking vulnerability, which can be exploited by attackers to inject malicious dlls into nodejs and execute code within Nodejs...

7.3CVSS2.8AI score0.01732EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2022/06/07 12:0 a.m.278 views

Ransom.Haron MVID-2022-0609 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/dedad693898bba0e4964e6c9a749d380.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.Haron Vulnerability: Code Execution Description: Haron looks for and executes DLLs ...

7.4AI score
Exploits0
Redos
Redos
added 2022/05/16 12:0 a.m.69 views

ROS-20220516-05

A vulnerability in the Git distributed version control system is related to the fact that the uninstaller binary downloads DLLs in an unsafe manner from the current working directory. uninstaller binary loads DLLs in an insecure manner from the current working directory. Exploitation of the...

7.8CVSS8.3AI score0.01403EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/04/19 9:15 p.m.4 views

CVE-2022-27527

A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files. It was fixed in PDFTron earlier than 9.0.7 version in Autodesk Navisworks 2022, and 2020...

7.8CVSS6.3AI score0.00483EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/04/11 8:15 p.m.4 views

CVE-2022-25791

A Memory Corruption vulnerability for DWF and DWFX files in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 may lead to code execution through maliciously crafted DLL files...

7.8CVSS7.4AI score0.0062EPSS
Exploits0References2
NVD
NVD
added 2022/03/29 5:15 p.m.20 views

CVE-2022-26839

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 is vulnerable to an incorrect default permission in the DIAEnergie application, which may allow an attacker to plant new files such as DLLs or replace existing executable files...

7.8CVSS0.00208EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/03/29 4:37 p.m.20 views

CVE-2022-26839 Delta Electronics DIAEnergie Incorrect Default Permissions

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 is vulnerable to an incorrect default permission in the DIAEnergie application, which may allow an attacker to plant new files such as DLLs or replace existing executable files...

7.8CVSS7.7AI score0.00208EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/03/23 10:15 p.m.2 views

CVE-2021-44226

Razer Synapse before 3.7.0228.022817 allows privilege escalation because it relies on %PROGRAMDATA%\Razer\Synapse3\Service\bin even if %PROGRAMDATA%\Razer has been created by any unprivileged user before Synapse is installed. The unprivileged user may have placed Trojan horse DLLs there...

7.3CVSS7AI score0.00889EPSS
Exploits5References9
OSV
OSV
added 2022/03/23 10:15 p.m.4 views

CVE-2021-44226

Razer Synapse before 3.7.0228.022817 allows privilege escalation because it relies on %PROGRAMDATA%\Razer\Synapse3\Service\bin even if %PROGRAMDATA%\Razer has been created by any unprivileged user before Synapse is installed. The unprivileged user may have placed Trojan horse DLLs there...

7.3CVSS7.1AI score
Exploits0References8
NVD
NVD
added 2022/03/23 10:15 p.m.51 views

CVE-2021-44226

Razer Synapse before 3.7.0228.022817 allows privilege escalation because it relies on %PROGRAMDATA%\Razer\Synapse3\Service\bin even if %PROGRAMDATA%\Razer has been created by any unprivileged user before Synapse is installed. The unprivileged user may have placed Trojan horse DLLs there...

7.3CVSS0.00889EPSS
Exploits5References8
Prion
Prion
added 2022/03/23 10:15 p.m.16 views

Privilege escalation

Razer Synapse before 3.7.0228.022817 allows privilege escalation because it relies on %PROGRAMDATA%\Razer\Synapse3\Service\bin even if %PROGRAMDATA%\Razer has been created by any unprivileged user before Synapse is installed. The unprivileged user may have placed Trojan horse DLLs there...

6.9CVSS7.4AI score0.00889EPSS
Exploits5References8Affected Software1
Rows per page
Query Builder