6810 matches found
GOG GalaxyClientService Privilege Escalation
This module will send arbitrary filepaths to the GOG GalaxyClientService, which will be executed with SYSTEM privileges (verified on GOG Galaxy Client v1.2.62 and v2.0.12; prior versions are also likely affected). This module requires Metasploit: https://metasploit.com/download Current source:...
CVE-2020-13126
An issue was discovered in the Elementor Pro plugin before 2.9.4 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13125. An attacker with the Subscriber role can upload arbitrary executable files to achieve remote code execution. NOTE: the free Elementor plugin is...
VulnCheck KEV: CVE-2020-13126
An issue was discovered in the Elementor Pro plugin before 2.9.4 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13125. An attacker with the Subscriber role can upload arbitrary executable files to achieve remote code execution. NOTE: the free Elementor plugin...
Windows-Pwn-Step-by-Step
This is a Windows executable file, ExploitMe1.exe, that appears to be a proof-of-concept (PoC) exploit for a vulnerability in the Windows operating system. The file is a Visual Studio project that has been compiled and packaged into an executable. The executable is designed to exploit a vulnerability...
USN-3911-2 file regression
USN-3911-1 fixed vulnerabilities in file. One of the backported security fixes introduced a regression that caused the interpreter string to be truncated. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that file incorrectly handled...
Analyzing Dark Crystal RAT, a C# Backdoor
The FireEye Mandiant Threat Intelligence Team helps protect our customers by tracking cyber attackers and the malware they use. The FLARE Team helps augment our threat intelligence by reverse engineering malware samples. Recently, FLARE worked on a new C# variant of Dark Crystal RAT (DCRat) that the...
Command Injection
radare2 is vulnerable to command injection. A command injection vulnerability exists in the function bin_symbols in libr/core/cbin.c. An attacker is able to execute arbitrary shell commands using a malicious executable file due to improper handling of symbol names embedded in executables...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM WebSphere Cast Iron Solution & App Connect Professional
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology used by IBM Cast Iron. These issues were disclosed as part of the IBM Java SDK updates in January 2020. IBM Cast Iron has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-2593 DESCRIPTION: An unspecified...
GDBFrontend - An Easy, Flexible And Extensionable GUI Debugger
GDBFrontend is an easy, flexible and extensionable gui debugger. Installing Deb Package Debian / Ubuntu / KDE Neon You can install GDBFrontend via deb package for Debian-based distributions. You can install it from following commands: echo "deb trusted=yes https://oguzhaneroglu.com/deb/ ./" | sud...
Design/Logic Flaw
Avira Free Antivirus through 15.0.2005.1866 allows local users to discover user credentials. The functions of the executable file Avira.PWM.NativeMessaging.exe are aimed at collecting credentials stored in Chrome, Firefox, Opera, and Edge. The executable does not verify the calling program and th...
U.S. Dept Of Defense: Arbitrary file upload and stored XSS via ███ support request
Summary: A malicious user can upload files of any type when submitting a support request. Impact This would allow the attacker to upload malicious executable files as well as .html or .svg files which would allow the attacker to execute malicious code on behalf of the ████ customer support...
Mono MonoX CMS Command Execution Vulnerability
MonoX CMS is an ASP.NET-based content management system (CMS) and social networking platform from Mono Croatia. A security vulnerability exists in Mono MonoX CMS 5.1.40.5152 and earlier versions, which originates from the program failing to check the validity of the ffmpeg.exe file before executing...
CVE-2020-12473
MonoX through 5.1.40.5152 allows admins to execute arbitrary programs by reconfiguring the Converter Executable setting from ffmpeg.exe to a different program...
Code injection
MonoX through 5.1.40.5152 allows admins to execute arbitrary programs by reconfiguring the Converter Executable setting from ffmpeg.exe to a different program...
Hackers Mount Zero-Day Attacks on Sophos Firewalls
Attackers have been targeting the Sophos XG Firewall (both physical and virtual versions) using a zero-day exploit, according to the security firm – with the ultimate goal of dropping the Asnarok malware on vulnerable appliances. Sophos said in a posting updated on Monday that the bug in question i...
The vulnerability of Google Chrome browser installers, related to insecure management of privileges, allows a perpetrator to gain unauthorized access to information and compromise its integrity and accessibility.
The vulnerability of Google Chrome browser installers is related to insecure management of privileges. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to information and compromise its integrity and availability through a specially created...
EquationExploit
Based on the provided code, it appears to be a Windows executable file (likely a PE file) that contains a malicious payload. The code is written in C and is designed to be compiled and executed on a Windows system. The code is a PE file, which is a type of executable file used on Windows systems. T...
Acronis: anti_ransomware_service.exe REST API does not require authentication
anti_ransomware_service.exe exposes a REST API that can be used by everyone, even unprivileged users. This API is used to communicate from the Acronis True Image 2020 GUI to anti_ransomware_service.exe. This can be exploited to add an arbitrary malicious executable to the whitelist or even exclude...
kernel: offset2lib allows for the stack guard page to be jumped over
A flaw was found in the Linux kernel's implementation of mapping ELF PIE binary loading to allow evasion of the stack-guard page protection mechanisms that intend to mitigate this behavior. This issue appears to be limited to i386 based systems...