PortexAnalyzerGUI - Graphical Interface For PortEx, A Portable Executable And Malware Analysis Library

Graphical interface for PortEx, a Portable Executable and Malware Analysis Library Download Releases page Features Header information from: MSDOS Header, Rich Header, COFF File Header, Optional Header, Section Table PE Structures: Import Section, Resource Section, Export Section, Debug Section...

Chinese and Russian Hackers Using SILKLOADER Malware to Evade Detection

Threat activity clusters affiliated with the Chinese and Russian cybercriminal ecosystems have been observed using a new piece of malware that's designed to load Cobalt Strike onto infected machines. Dubbed SILKLOADER by Finnish cybersecurity company WithSecure, the malware leverages DLL...

Design/Logic Flaw

VX Search v13.8 and v14.7 was discovered to contain an unquoted service path vulnerability which allows attackers to execute arbitrary commands at elevated privileges via a crafted executable file...

CVE-2023-24671

VX Search v13.8 and v14.7 was discovered to contain an unquoted service path vulnerability which allows attackers to execute arbitrary commands at elevated privileges via a crafted executable file...

CertVerify - A Scanner That Files With Compromised Or Untrusted Code Signing Certificates

The CertVerify is a tool designed to detect executable files exe, dll, sys that have been signed with untrusted or leaked code signing certificates. The purpose of this tool is to identify potentially malicious files that have been signed using certificates that have been compromised, stolen, or...

CVE-2023-0351

The Akuvox E11 web server backend library allows command injection in the device phone-book contacts functionality. This could allow an attacker to upload files with executable command instructions...

Command injection

The Akuvox E11 web server backend library allows command injection in the device phone-book contacts functionality. This could allow an attacker to upload files with executable command instructions...

CVE-2023-0351 CVE-2023-0351

The Akuvox E11 web server backend library allows command injection in the device phone-book contacts functionality. This could allow an attacker to upload files with executable command instructions...

CVE-2023-0351 CVE-2023-0351

The Akuvox E11 web server backend library allows command injection in the device phone-book contacts functionality. This could allow an attacker to upload files with executable command instructions...

CVE-2023-0351

The CVE-2023-0351 issue affects Akuvox E11 (all versions) where the web server backend library allows command injection in the device’s phone-book contacts functionality, enabling an attacker to upload files with executable command instructions. Public sources cite a high-severity CVSSv3.1 base s...

CVE-2023-27010

Wondershare Dr.Fone v12.9.6 was discovered to contain weak permissions for the service WsDrvInst. This vulnerability allows attackers to escalate privileges via modifying or overwriting the executable...

CVE-2023-27010

Wondershare Dr.Fone v12.9.6 was discovered to contain weak permissions for the service WsDrvInst. This vulnerability allows attackers to escalate privileges via modifying or overwriting the executable...

Wondershare Dr.Fone 安全漏洞

Wondershare Dr. Fone is a mobile device toolkit software from China Wondershare Technology Wondershare. The software provides applications, transfer data, contacts, messages and other auxiliary functions for the device. A security vulnerability exists in Wondershare Dr.Fone v12.9.6. An attacker...

Akuvox E11 命令注入漏洞

Akuvox E11 is a SIP visual doorbell from Akuvox designed for villas, houses and apartments. The Akuvox E11 suffers from a command injection vulnerability that stems from a web server backend library that allows command injection in the device's phonebook contact feature. This could allow an...

Debian: Security Advisory (DLA-150-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2023-21277 · L Soft · Listserv

Name of the Vulnerable Software and Affected Versions: L-Soft LISTSERV versions 16.5 through 16.5 Description: The issue allows an attacker to conduct XSS attacks via a crafted URL, specifically exploiting the REPORT parameter in wa.exe. Recommendations: For versions 16.5, update to version 17 or...

The vulnerability of the Apex One NT RealTime Scan service (ntrtscan.exe), an antivirus software solution provided by Trend Micro’s Apex One, exposes the system to potential threats. This vulnerability allows attackers to gain increased privileges.

The vulnerability of the Apex One NT RealTime Scan ntrtscan.exe component of Trend Micro’s Apex One and Apex One as a Service antivirus programs is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow attackers to increase their...

PT-2023-8667 · Unknown · Hgiga Oaklouds

Name of the Vulnerable Software and Affected Versions: HGiga OAKlouds affected versions not specified Description: The HGiga OAKlouds file uploading function does not restrict the upload of files with dangerous types. An unauthenticated remote attacker can exploit this issue to upload and run...

Debian dla-3343 : ca-certificates-mono - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3343 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3343-1 [email protected] https://www.debian.org/lts/security/...

DEBIAN-CVE-2023-26314

The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter...