Unrestricted file upload

Unrestricted file upload vulnerability in Berta CMS allows remote attackers to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct request to the file in an unspecified directory...

CVE-2015-2780

Unrestricted file upload vulnerability in Berta CMS allows remote attackers to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct request to the file in an unspecified directory...

UBUNTU-CVE-2017-12629

Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML extern...

[SECURITY] Fedora 27 Update: upx-3.94-1.fc27

UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...

Ubuntu 14.04 LTS : libffi vulnerability (USN-3454-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3454-1 advisory. It was discovered that libffi incorrectly enforced an executable stack. An attacker could possibly use this issue, in combination with another vulnerability, to...

Microsoft Windows10 AHCACHE.SYS Remote Denial Of Service(CVE-2016-3369)

Summary A denial of service vulnerability exists in the AHCACHE.SYS driver. A specially crafted Portable Executable file can cause a bugcheck in the Windows kernel resulting in remote denial of service. Tested Versions Windows 10, AHCACHE.SYS version 10.0.10586.0 Tested on Windows 10 X86 Product...

USN-3454-1: libffi vulnerability

It was discovered that libffi incorrectly enforced an executable stack. An attacker could possibly use this issue, in combination with another vulnerability, to facilitate executing arbitrary code...

USN-3454-1 libffi vulnerability

It was discovered that libffi incorrectly enforced an executable stack. An attacker could possibly use this issue, in combination with another vulnerability, to facilitate executing arbitrary code...

Equifax Takes Down Compromised Page Redirecting to Adware Download

Update: Equifax said Thursday afternoon that it was not compromised and instead confirmed it was a third-party partner’s code running on the Equifax site that was serving adware. Below is Equifax’s statement: “Despite early media reports, Equifax can confirm that its systems were not compromised...

Taiwan Bank Heist and the Role of Pseudo Ransomware

ARCHIVED STORY Taiwan Bank Heist and the Role of Pseudo Ransomware By Trellix · October 12, 2017 Widespread reports claim the Far Eastern International Bank in Taiwan has become a victim of hacking. The attacks demonstrate the global nature of cybercrime, with the cybercriminals attempting to wir...

Mozilla: Blob and data URLs bypass phishing and malware protection warnings (MFSA 2017-22)

File downloads encoded with "blob:" and "data:" URL elements bypassed normal file download checks though the Phishing and Malware Protection feature and its block lists of suspicious sites and files. This would allow malicious sites to lure users into downloading executables that would otherwise ...

Installer of HIBUN Confidential File Viewer may insecurely load Dynamic Link Libraries and invoke executable files

Overview Installer of HIBUN Confidential File Viewer provided by Hitachi Solutions, Ltd. contains an issue with the search path for DLL/executable files, which may lead to insecurely loading Dynamic Link Libraries and invoking executable files CWE-427. Eili Masami of Tachibana Lab. reported this...

JVN#94056834: Installer of HIBUN Confidential File Viewer may insecurely load Dynamic Link Libraries and invoke executable files

Installer of HIBUN Confidential File Viewer provided by Hitachi Solutions, Ltd. contains an issue with the search path for DLL/executable files, which may lead to insecurely loading Dynamic Link Libraries and invoking executable files CWE-427. Impact Arbitrary code may be executed with the...

Trend Micro OfficeScan Unauthorized Remote Process Initiation Vulnerability

Trend Micro OfficeScan is a best-of-breed endpoint security solution for mid-sized and large organizations, with a future-proof, resilient architecture that allows you to customize your threat protection and data protection through plug-ins. An unauthorized remote process initiation vulnerability...

GNU Binutils libbfd dwarf2.c read_formatted_entries denial of service vulnerability

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...

GNU Binutils libbfd dwarf2.c DW_AT_name Denial of Service Vulnerability

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...

Mozilla Firefox WebExtensions can download and open non-executable files without user interaction(CVE-2017-7821)

CVE-2017-7821 "browser.downloads addon feature may be used for RCE" Steps: 1. Go to 'about:debugging' 2. Unpack attached PoC somewhere 3. Back in 'about:debugging' choose 'Load temp addon' and choose the poc 4. jar file is automatically downloaded and executed. We are able to download and execute...

Debian DSA-3994-1 : nautilus - security update

Christian Boxdorfer discovered a vulnerability in the handling of FreeDesktop.org .desktop files in Nautilus, a file manager for the GNOME desktop environment. An attacker can craft a .desktop file intended to run malicious commands but displayed as a innocuous document file in Nautilus. An user...

Denial of Service Vulnerability in WPS Forms QtCore4 Module

WPS Office is an office software suite developed independently by Kingsoft Corporation. A denial of service vulnerability exists in the WPS Forms QtCore4 module, which occurs when formset.exe in WPS is parsing a specific xls file. An attacker can exploit the vulnerability to cause a denial of...

Memory corruption vulnerability in WPS Forms kso module (CNVD-2017-35756)

WPS Office is an office software suite developed independently by Kingsoft Corporation. A memory corruption vulnerability exists in the WPS Forms kso module, which occurs when Formset.exe in WPS is parsing a specific xlsx file. An attacker can exploit the vulnerability to cause a denial of servic...