CVE-2020-7822

DaviewIndy has a Heap-based overflow vulnerability, triggered when the user opens a malformed image file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution...

CVE-2020-7823

DaviewIndy has a Memory corruption vulnerability, triggered when the user opens a malformed image file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution...

CVE-2020-16269

radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parsetypedef in typedwarf.c via a malformed DWATname in the .debuginfo section...

CVE-2020-16269

radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parsetypedef in typedwarf.c via a malformed DWATname in the .debuginfo section...

Design/Logic Flaw

radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parsetypedef in typedwarf.c via a malformed DWATname in the .debuginfo section...

CVE-2020-16269

CVE-2020-16269 affects radare2 4.5.0 where DWARF information in .debug_info is misparsed, causing a segmentation fault in parse_typedef (type_dwarf.c) due to a malformed DW_AT_name; the related CVEs (including CVE-2020-17487) cover malformed PE signature data. Multiple advisories (Mageia MGASA-20...

CVE-2020-16269

radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parsetypedef in typedwarf.c via a malformed DWATname in the .debuginfo section...

CVE-2020-16269

radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parsetypedef in typedwarf.c via a malformed DWATname in the .debuginfo section...

Exploit for Origin Validation Error in Solarwinds Dameware_Mini_Remote_Control

CVE-2019-3980 This repo was created to utilize the Nessus POC...

CVE-2020-12081

An information disclosure vulnerability has been identified in FlexNet Publisher lmadmin.exe 11.14.0.2. The web portal link can be used to access to system files or other important files on the system...

Kubebox - Terminal And Web Console For Kubernetes

Terminal and Web console for Kubernetes Features Configuration from kubeconfig files KUBECONFIG environment variable or $HOME/.kube Switch contexts interactively Authentication support bearer token, basic auth, private key / cert, OAuth, OpenID Connect, Amazon EKS, Google Kubernetes Engine, Digit...

shadowbroker

This repository, hc1216/shadowbroker, contains a collection of exploits and tools for various vulnerabilities. The repository was initially reported to contain sensitive data, leading to the deletion of several files. The remaining files include a mix of exploit code, payloads, and documentation...

The vulnerability of the MpSigStub.exe executable of Microsoft Windows Defender allows a hacker to delete files in certain parts of the file system.

The vulnerability of the MpSigStub.exe executable file of Microsoft’s Windows Defender is related to privilege management errors. Exploiting this vulnerability could allow a malicious actor to delete files in certain parts of the file system remotely...

Security Bulletin: IBM Sterling Connect:Direct for UNIX Allows a User with Sudo Access Restricted to Certain Connect:Direct Executable Files to Expand Access Beyond the Restriction (CVE-2018-1903)

Summary UNIX system administrators may grant access to run certain executable files with expanded privilege via the sudo utility. Connect:Direct for UNIX has a vulnerability that could allow a user to escape this sudo executable file restriction and perform unauthorized commands with expanded...

The vulnerability of the executable file McTray.exe of the Microsoft Windows anti-virus software McAfee VirusScan Enterprise allows a perpetrator to gain increased privileges.

The vulnerability of the McTray.exe executable of the Microsoft Windows antivirus software, McAfee VirusScan Enterprise, is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

ASUS ScreenPad2 Upgrade Tool Code Issue Vulnerability

ASUS ScreenPad2 Upgrade Tool is an update tool for the ASUS ScreenPad2 touchpad from ASUS of Taiwan, China.ASUS ScreenPad2 Upgrade Tool version 1.0.3 contains the AsusScreenXpertServicec.exe and ScreenXpertUpgradeServiceManager.exe files are vulnerable to a code issue. An attacker could exploit t...

Directory traversal

In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current...

CVE-2020-15121

In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current...

CVE-2020-15121 Command injection in Radare2

In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current...

CVE-2020-15121

In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current...