Mozilla Firefox < 94.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 94.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-48 advisory. - The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass...

Tenable Network Security Nessus 权限许可和访问控制问题漏洞

Nessus is a system vulnerability scanning and analysis software. 8.15.2 and earlier versions of Nessus contain a local elevation of privilege vulnerability. An attacker could exploit this vulnerability to run specific executable files on the Nessus Agent host...

Exploit for OS Command Injection in Docker

CVE-2019-5736 is a container escape vulnerability in Docker. The exploit works by overwriting and executing the host system's runc binary from within the container. The vulnerability allows an attacker to gain root access on the host system. The exploit is implemented in Go and consists of two us...

The return of the Malwarebytes CrackMe

This blog post was authored by Hasherezade Update: Malwarebytes Crackme : we already have the winners in the category "the fastest solve", congratulations! 1st: @nazywam 2nd: Suvaditya Sur @x0r19x91 3rd:@evandrix But we are still waiting for your submissions! -- Malwarebytes Threat Intelligence...

CVE-2021-22037

Under certain circumstances, when manipulating the Windows registry, InstallBuilder uses the reg.exe system command. The full path to the command is not enforced, which results in a search in the search path until a binary can be identified. This makes the installer/uninstaller vulnerable to Path...

CVE-2021-3579

Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local attacker to elevate privileges to NT AUTHORITY\SYSTEM This issue affects: Bitdefender Endpoint...

New Wslink Malware Loader Runs as a Server and Executes Modules in Memory

Cybersecurity researchers on Wednesday took the wraps off a "simple yet remarkable" malware loader for malicious Windows binaries targeting Central Europe, North America and the Middle East. Codenamed "Wslink" by ESET, this previously undocumented malware stands apart from the rest in that it run...

Backdoor.Win32.Delf.arjo Unquoted Service Path

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/05177f77f075293ff7d58a7f2915c64f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Delf.arjo Vulnerability: Insecure Service Path Description: The malware creates a...

Bitdefender Endpoint Security Tool 安全漏洞

Bitdefender Endpoint Security Tool is an endpoint security management tool from the Romanian company Bitdefender. Bitdefender Endpoint Security Tool A security vulnerability exists in the Bitdefender Endpoint Security Tool that stems from an incorrect default privilege vulnerability in the...

Backdoor.Win32.Hupigon.acio Unquoted Service Path

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/21f324a6a62d8125bc83b8d1865e17f9.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.acio Vulnerability: Insecure Service Path Description: The malware creates a...

The vulnerability of the zlib compression library in the “Avora” operating system allows a hacker to cause a service failure or have an unpredictable impact.

The vulnerability of the zlib compression library in the “Avora” operating system is related to integer overflows. Exploiting this vulnerability can allow attackers to cause service failures or have unpredictable effects using specially crafted .apk or .dex files...

CVE-2021-35231 Unquoted Path (SMB Login) Vulnerability

As a result of an unquoted service path vulnerability present in the Kiwi Syslog Server Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry. Example vulnerable path:...

Solarwinds Kiwi Syslog Server 代码问题漏洞

Solarwinds Kiwi Syslog Server is an affordable Syslog management tool for network and system engineers from Solarwinds USA. It is used to receive syslog messages and Snmp traps from network devices routers, switches, firewalls, etc. and Linux®/Unix® hosts. A code issue vulnerability exists in the...

PowerShx - Run Powershell Without Software Restrictions

Unmanaged PowerShell execution using DLLs or a standalone executable. Introduction PowerShx is a rewrite and expansion on the PowerShdll project. PowerShx provide functionalities for bypassing AMSI and running PS Cmdlets. Features Run Powershell with DLLs using rundll32.exe, installutil.exe,...

CVE-2021-35230

As a result of an unquoted service path vulnerability present in the Kiwi CatTools Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry...

CVE-2021-38465

The CVE-2021-38465 issue affects Auvesy Versiondog’s webinstaller (a Golang web server used to generate an Auvesy image agent). The root cause is uncontrolled resource consumption: generating many installations can cause unlimited, temp-folder storage growth, enabling denial of service through re...

CVE-2021-35230

The CVE-2021-35230 entry describes an unquoted service path vulnerability in the Kiwi CatTools Installation Wizard that could allow a local attacker to gain elevated privileges by placing an executable in the path of the affected service or uninstall entry. The vulnerability is local-privilege-es...

Worm.Win32.Fasong.c Unquoted Service Path

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/bc6f4a283b6b8308c60bb70cc81edfd8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Worm.Win32.Fasong.c Vulnerability: Insecure Service Path Description: The malware creates a service...

What is an .exe file? Is it the same as an executable?

You may often see .exe files but you may not know what they are. Is it the same as an executable file? The short answer is no. So whats the difference? What is an .exe file? Exe in this context is a file extension denoting an executable file for Microsoft Windows. Windows file names have two part...

CVE-2021-38346

The Brizy Page Builder plugin = 2.3.11 for WordPress allowed authenticated users to upload executable files to a location of their choice using the brizycreateblockscreenshot AJAX action. The file would be named using the id parameter, which could be prepended with "../" to perform directory...