125 matches found
CVE-2025-0834
Privilege escalation vulnerability has been found in Wondershare Dr.Fone version 13.5.21. This vulnerability could allow an attacker to escalate privileges by replacing the binary ‘C:\ProgramData\Wondershare\wsServices\ElevationService.exe’ with a malicious binary. This binary will be executed by...
CVE-2025-0834 Wondershare Dr.Fone Privilege Scalation Vulnerability
Privilege escalation vulnerability has been found in Wondershare Dr.Fone version 13.5.21. This vulnerability could allow an attacker to escalate privileges by replacing the binary ‘C:\ProgramData\Wondershare\wsServices\ElevationService.exe’ with a malicious binary. This binary will be executed by...
CVE-2025-0834 Wondershare Dr.Fone Privilege Scalation Vulnerability
Privilege escalation vulnerability has been found in Wondershare Dr.Fone version 13.5.21. This vulnerability could allow an attacker to escalate privileges by replacing the binary ‘C:\ProgramData\Wondershare\wsServices\ElevationService.exe’ with a malicious binary. This binary will be executed by...
CVE-2025-0834
Widespread CVE-2025-0834 affects Wondershare Dr.Fone v13.5.21. The vulnerability arises from a privileged escalation flaw where an attacker can replace the binary C:\ProgramData\Wondershare\wsServices\ElevationService.exe with a malicious binary, leading to SYSTEM-level execution. Affected compon...
Malicious code in xeno.dll (npm)
This package uses obfuscation to hide that its downloading a malicious binary from an attacker-controlled domain --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8903fab539c0352f278ee3116807f48f52403f7e26b855fe9d68c3328012200d Any computer that has this package...
CVE-2024-53256 Rizin has a command injection via RzBinInfo bclass due legacy code
Rizin is a UNIX-like reverse engineering framework and command-line toolset. rizin.c still had an old snippet of code which suffered a command injection due the usage of rzcorecmdf to invoke the command m which was removed in v0.1.x. A malicious binary defining bclass part of RzBinInfo is execute...
CVE-2024-7995 Autodesk VRED Design Privilege Escalation Vulnerability
A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to an untrusted search path being utilized in the VRED Design application. Exploitation of this vulnerability may lead to code execution...
UBUNTU-CVE-2024-0123
NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial ...
CVE-2024-4978
Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands...
CVE-2024-4978
Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands...
CVE-2024-4978
CVE-2024-4978 affects Justice AV Solutions (JAVS) Viewer v8.3.7 installed via the 8.3.7.250-1 bundle. The advisory documents a malicious binary (fffmpeg.exe) embedded in the installer and signed with an unexpected Vanguard Tech Limited Authenticode certificate. When executed, the binary can estab...
Denial Of Service (DoS)
wabt is vulnerable to Denial Of Service DoS. An attacker can crash the application by running a maliciously crafted binary...
CVE-2023-32449
Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic signature vulnerability. An attacker can trick a high privileged user to install a malicious binary by bypassing the existing cryptographic signature checks...
PT-2023-23796 · Dell · Dell Powerstore
Name of the Vulnerable Software and Affected Versions: Dell PowerStore versions prior to 3.5 Description: The issue concerns an improper verification of cryptographic signature, allowing an attacker to trick a high-privileged user into installing a malicious binary by bypassing existing...
CVE-2022-48199
SoftPerfect NetWorx 7.1.1 on Windows allows an attacker to execute a malicious binary with potentially higher privileges via a low-privileged user account that abuses the Notifications function. The Notifications function allows for arbitrary binary execution and can be modified by any user. The...
Design/Logic Flaw
SoftPerfect NetWorx 7.1.1 on Windows allows an attacker to execute a malicious binary with potentially higher privileges via a low-privileged user account that abuses the Notifications function. The Notifications function allows for arbitrary binary execution and can be modified by any user. The...
SoftPerfect NetWorx 安全漏洞
SoftPerfect NetWorx is a simple and versatile tool from SoftPerfect that helps you monitor Internet connections. A security vulnerability exists in SoftPerfect NetWorx version 7.1.1, which stems from a vulnerability that allows an attacker to execute a malicious binary with potentially elevated...
Input validation
Insufficient input validation during parsing of the System Management Mode SMM binary may allow a maliciously crafted SMM executable binary to corrupt Dynamic Root of Trust for Measurement DRTM user application memory that may result in a potential denial of service...
CVE-2022-36043 Rizin Double Free in bobj.c when using qnx binary plugin
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to a double free in bobj.c:rzbinrelocstoragefree when freeing relocations generated from qnx binary plugin. A user opening a malicious qnx binary could be affected by this...
Design/Logic Flaw
Gradle is a build tool. Dependency verification is a security feature in Gradle Build Tool that was introduced to allow validation of external dependencies either through their checksum or cryptographic signatures. In versions 6.2 through 7.4.2, there are some cases in which Gradle may skip that...