CyberGhostVPN Code Issue Vulnerability
CyberGhostVPN is a highly optimized VPN server from CyberGhostVPN Romania. A security vulnerability exists in CyberGhostVPN Windows Client versions prior to v8.3.10.10015, which was discovered to contain a DLL injection vulnerability via the component Dashboard.exe...
EulerOS 2.0 SP11 : libXpm (EulerOS-SA-2023-1784)
According to the versions of the libXpm package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and c...
EulerOS 2.0 SP11 : git (EulerOS-SA-2023-1757)
According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Git is a distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined b...
PortEx - Java Library To Analyse Portable Executable Files With A Special Focus On Malware Analysis And PE Malformation Robustness
PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications. Features Reading header information from: MSDOS Header, COFF File Header,...
PT-2023-5861 · Git · Git For Windows
Name of the Vulnerable Software and Affected Versions: Git for Windows versions prior to 2.40.1 Description: The issue is related to the executable file connect.exe in Git for Windows, which implements a SOCKS5 proxy. This vulnerability is associated with an uncontrolled search path element...
Directory traversal + file write causing arbitrary code execution
Impact: Frederic Linn (@FredericLinn) has reported a series of vulnerabilities that can result in directory traversal, file write, and potential remote code execution on Jellyfin instances. The general process involves chaining several exploits including a stored XSS vulnerability and can be used by...
CVE-2023-2226
Insufficient validation in the PE and OLE parsers in Rapid7's Velociraptor versions earlier than 0.6.8 allows an attacker to crash Velociraptor during parsing of maliciously malformed files. For this attack to succeed, the attacker needs to be able to introduce malicious files to the system a...
Velocidex Velociraptor Buffer Error Vulnerability
Velocidex Velociraptor is a tool from Velocidex Australia that uses Velociraptor Query Language (VQL) queries to gather host-based state information. A security vulnerability exists in Velocidex Velociraptor versions prior to 0.6.8 that stems from insufficient validation of the PE and OLE parsers,...
CVE-2023-28140
An Executable Hijacking condition exists in the Qualys Cloud Agent for Windows platform in versions before 4.5.3.1. Attackers may load a malicious copy of a Dependency Link Library (DLL) via a local attack vector instead of the DLL that the application was expecting, when processes are running with...
Design/Logic Flaw
An Executable Hijacking condition exists in the Qualys Cloud Agent for Windows platform in versions before 4.5.3.1. Attackers may load a malicious copy of a Dependency Link Library (DLL) via a local attack vector instead of the DLL that the application was expecting, when processes are running with...
CVE-2023-28140
CVE-2023-28140 concerns the Qualys Cloud Agent for Windows. Affected are versions before 4.5.3.1, with the exploit described as an executable hijacking via a malicious DLL loaded locally instead of the expected DLL when processes run with escalated privileges. The vulnerability is bounded to the ...
Remote code execution
The Score extension through 0.3.0 for MediaWiki has a remote code execution vulnerability due to improper sandboxing of the GNU LilyPond executable. This allows any user with an ability to edit articles potentially including unauthenticated anonymous users to execute arbitrary Scheme or shell cod...
CVE-2020-29007
The CVE-2020-29007 entry concerns MediaWiki’s Score extension up to version 0.3.0, where the vulnerability arises from improper sandboxing of the GNU LilyPond executable. This allows any user with article-edit capability—potentially unauthenticated users—to trigger remote code execution by crafti...
Design/Logic Flaw
WAB-MAT Ver.5.0.0.8 and earlier starts another program with an unquoted file path. Since a registered Windows service path contains spaces and is unquoted, if a malicious executable is placed on a certain path, the executable may be executed with the privilege of the Windows service...
PT-2023-14188 · Wacom · Wacom Driver
Name of the Vulnerable Software and Affected Versions: Wacom Driver version 6.3.46-1 Description: The Wacom Driver for Windows contains an arbitrary file write issue via the Wacom Tablet.exe component. This allows for potential malicious activity. Recommendations: For Wacom Driver version 6.3.46-...
CVE-2023-1406
The JetEngine WordPress plugin before 3.1.3.1 includes uploaded files without adequately ensuring that they are not executable, leading to a remote code execution vulnerability...
Linux/x86_64 - bash Shellcode with xor encoding Shellcode (71 bytes)
Exploit Title: Linux/x86_64 - bash shellcode with xor encoding Date: 05/02/2023 Exploit Author: Jeenika Anadani Contact: https://twitter.com/cyberjeeni Category: Shellcode Architecture: Linux x86_64 Shellcode Length: 71 Bytes ----------------------- section .data section .text global start start: ;...
CVE-2023-27762
An issue found in Wondershare Technology Co., Ltd DemoCreator v.6.0.0 allows a remote attacker to execute arbitrary commands via the democreatorsetupfull7743.exe file...
CVE-2022-48226
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During installation, an EXE gets executed out of C:\Windows\Temp. A standard user can create the path file ahead of time and obtain elevated code execution. Permissions need to be modified to prevent manipulation...
Acuant AcuFill SDK Code Issue Vulnerability
Acuant AcuFill SDK is a data capture technology from the American company Acuant. All major data fields can be extracted from documents. A security vulnerability exists in the Acuant AcuFill SDK that stems from a call to certutil.exe by the Acuant installer to repair certificates during SDK repai...