Lucene search
K

125 matches found

NVD
NVD
added 2025/01/30 9:15 a.m.14 views

CVE-2025-0834

Privilege escalation vulnerability has been found in Wondershare Dr.Fone version 13.5.21. This vulnerability could allow an attacker to escalate privileges by replacing the binary ‘C:\ProgramData\Wondershare\wsServices\ElevationService.exe’ with a malicious binary. This binary will be executed by...

7.8CVSS0.00153EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/30 9:2 a.m.19 views

CVE-2025-0834 Wondershare Dr.Fone Privilege Scalation Vulnerability

Privilege escalation vulnerability has been found in Wondershare Dr.Fone version 13.5.21. This vulnerability could allow an attacker to escalate privileges by replacing the binary ‘C:\ProgramData\Wondershare\wsServices\ElevationService.exe’ with a malicious binary. This binary will be executed by...

7.8CVSS0.00153EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/30 9:2 a.m.8 views

CVE-2025-0834 Wondershare Dr.Fone Privilege Scalation Vulnerability

Privilege escalation vulnerability has been found in Wondershare Dr.Fone version 13.5.21. This vulnerability could allow an attacker to escalate privileges by replacing the binary ‘C:\ProgramData\Wondershare\wsServices\ElevationService.exe’ with a malicious binary. This binary will be executed by...

7.8CVSS7.9AI score0.00153EPSS
Exploits0References1
CVE
CVE
added 2025/01/30 9:2 a.m.46 views

CVE-2025-0834

Widespread CVE-2025-0834 affects Wondershare Dr.Fone v13.5.21. The vulnerability arises from a privileged escalation flaw where an attacker can replace the binary C:\ProgramData\Wondershare\wsServices\ElevationService.exe with a malicious binary, leading to SYSTEM-level execution. Affected compon...

7.8CVSS7.9AI score0.00153EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/31 11:37 p.m.3 views

Malicious code in xeno.dll (npm)

This package uses obfuscation to hide that its downloading a malicious binary from an attacker-controlled domain --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8903fab539c0352f278ee3116807f48f52403f7e26b855fe9d68c3328012200d Any computer that has this package...

6.8AI score
Exploits0References1
OSV
OSV
added 2024/12/23 3:17 p.m.6 views

CVE-2024-53256 Rizin has a command injection via RzBinInfo bclass due legacy code

Rizin is a UNIX-like reverse engineering framework and command-line toolset. rizin.c still had an old snippet of code which suffered a command injection due the usage of rzcorecmdf to invoke the command m which was removed in v0.1.x. A malicious binary defining bclass part of RzBinInfo is execute...

7.8CVSS7.3AI score0.01176EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/11/05 8:6 p.m.21 views

CVE-2024-7995 Autodesk VRED Design Privilege Escalation Vulnerability

A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to an untrusted search path being utilized in the VRED Design application. Exploitation of this vulnerability may lead to code execution...

7.8CVSS0.00201EPSS
Exploits0References1
OSV
OSV
added 2024/10/03 5:15 p.m.5 views

UBUNTU-CVE-2024-0123

NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial ...

3.3CVSS5.8AI score0.00205EPSS
Exploits0References3
NVD
NVD
added 2024/05/23 2:15 a.m.23 views

CVE-2024-4978

Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands...

8.7CVSS8.4AI score0.26937EPSS
Exploits1References4
OSV
OSV
added 2024/05/23 2:15 a.m.5 views

CVE-2024-4978

Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands...

8.4CVSS5.9AI score0.26937EPSS
Exploits1References4
CVE
CVE
added 2024/05/23 1:56 a.m.238 views

CVE-2024-4978

CVE-2024-4978 affects Justice AV Solutions (JAVS) Viewer v8.3.7 installed via the 8.3.7.250-1 bundle. The advisory documents a malicious binary (fffmpeg.exe) embedded in the installer and signed with an unexpected Vanguard Tech Limited Authenticode certificate. When executed, the binary can estab...

8.7CVSS8.3AI score0.26937EPSS
In wildExploits1References4Affected Software1
Veracode
Veracode
added 2023/09/11 7:39 p.m.7 views

Denial Of Service (DoS)

wabt is vulnerable to Denial Of Service DoS. An attacker can crash the application by running a maliciously crafted binary...

7.5CVSS6.5AI score0.00833EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/06/22 6:50 a.m.14 views

CVE-2023-32449

Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic signature vulnerability. An attacker can trick a high privileged user to install a malicious binary by bypassing the existing cryptographic signature checks...

7.2CVSS7.5AI score0.0012EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/06/22 12:0 a.m.4 views

PT-2023-23796 · Dell · Dell Powerstore

Name of the Vulnerable Software and Affected Versions: Dell PowerStore versions prior to 3.5 Description: The issue concerns an improper verification of cryptographic signature, allowing an attacker to trick a high-privileged user into installing a malicious binary by bypassing existing...

7.8CVSS7.6AI score0.0012EPSS
Exploits0References3
NVD
NVD
added 2023/01/26 9:18 p.m.38 views

CVE-2022-48199

SoftPerfect NetWorx 7.1.1 on Windows allows an attacker to execute a malicious binary with potentially higher privileges via a low-privileged user account that abuses the Notifications function. The Notifications function allows for arbitrary binary execution and can be modified by any user. The...

8.8CVSS8.8AI score0.00689EPSS
Exploits0References2
Prion
Prion
added 2023/01/26 9:18 p.m.19 views

Design/Logic Flaw

SoftPerfect NetWorx 7.1.1 on Windows allows an attacker to execute a malicious binary with potentially higher privileges via a low-privileged user account that abuses the Notifications function. The Notifications function allows for arbitrary binary execution and can be modified by any user. The...

6.5CVSS8.7AI score0.00689EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/01/26 12:0 a.m.5 views

SoftPerfect NetWorx 安全漏洞

SoftPerfect NetWorx is a simple and versatile tool from SoftPerfect that helps you monitor Internet connections. A security vulnerability exists in SoftPerfect NetWorx version 7.1.1, which stems from a vulnerability that allows an attacker to execute a malicious binary with potentially elevated...

8.8CVSS8AI score0.00689EPSS
Exploits0References3
Prion
Prion
added 2023/01/11 8:15 a.m.17 views

Input validation

Insufficient input validation during parsing of the System Management Mode SMM binary may allow a maliciously crafted SMM executable binary to corrupt Dynamic Root of Trust for Measurement DRTM user application memory that may result in a potential denial of service...

1.7CVSS6.1AI score0.00181EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/09/06 12:0 a.m.8 views

CVE-2022-36043 Rizin Double Free in bobj.c when using qnx binary plugin

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to a double free in bobj.c:rzbinrelocstoragefree when freeing relocations generated from qnx binary plugin. A user opening a malicious qnx binary could be affected by this...

7.8CVSS7.6AI score0.00361EPSS
Exploits0References7
Prion
Prion
added 2022/07/14 8:15 p.m.28 views

Design/Logic Flaw

Gradle is a build tool. Dependency verification is a security feature in Gradle Build Tool that was introduced to allow validation of external dependencies either through their checksum or cryptographic signatures. In versions 6.2 through 7.4.2, there are some cases in which Gradle may skip that...

1.7CVSS4.7AI score0.00467EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder