
144 matches found

Kitploit
added 2020/08/26 12:30 p.m. · 33 views

ezEmu - Simple Execution Of Commands For Defensive Tuning/Research

ezEmu enables users to test adversary behaviors via various execution techniques. Sort of like an "offensive framework for blue teamers", ezEmu does not have any networking/C2 capabilities and rather focuses on creating local test telemetry. Windows See /Linux for ELF ezEmu is compiled as...

7.1 AI score
Exploits: 0 · References: 2
Positive Technologies
added 2020/08/25 12:0 a.m. · 2 views

PT-2020-13860 · Codiad · Codiad

Name of the Vulnerable Software and Affected Versions: Codiad versions 1.7.8 and later Description: A Cross Site Scripting (XSS) issue was found due to improper sanitization of the folder's name $path variable in components/filemanager/class.filemanager.php. The vendor states that Codiad is no long...

6.1 CVSS · 5.9 AI score · 0.00336 EPSS
Exploits: 1 · References: 10
Positive Technologies
added 2020/07/10 12:0 a.m. · 3 views

PT-2020-12538 · Facebook · Osquery

Name of the Vulnerable Software and Affected Versions: osquery versions prior to 4.4.0 Description: The issue allows for a privilege escalation. If a Windows system has a PATH containing a user-writable directory, a local user can create a zlib1.dll DLL that osquery will attempt to load, enabling...

8.2 CVSS · 8.2 AI score · 0.00052 EPSS
Exploits: 1 · References: 9
OSV
added 2020/07/09 2:15 p.m. · 2 views

CVE-2020-7458

In FreeBSD 12.1-STABLE before r362281, 11.4-STABLE before r362281, and 11.4-RELEASE before p1, long values in the user-controlled PATH environment variable cause posix_spawnp to write beyond the end of the heap allocated stack possibly leading to arbitrary code execution...

9.8 CVSS · 7.5 AI score
Exploits: 0 · References: 2
BDU FSTEC
added 2020/06/26 12:0 a.m. · 1 views

The vulnerability of the LD_LIBRARY_PATH environment variable in Apache OpenOffice’s office programs allows a hacker to gain unauthorized access to confidential data, cause service failures, or compromise data integrity.

The vulnerability of the LD_LIBRARY_PATH environment variable in Apache OpenOffice applications is related to a lack of mechanisms for privilege control and access management. Exploiting this vulnerability can allow attackers to gain unauthorized access to confidential data, cause service failures,...

7 CVSS · 0.00051 EPSS
Exploits: 0 · References: 5 · Affected Software: 4
OpenVAS
added 2020/04/29 12:0 a.m. · 8 views

Linux: Strictly define variable user PATH variable

The requirement aims to prevent system commands from being replaced by malicious commands, ensuring that system commands can be executed securely. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective...

7.5 AI score
Exploits: 0
OSV
added 2020/02/06 3:15 a.m. · 3 views

CVE-2019-20406

The usage of Tomcat in Confluence on the Microsoft Windows operating system before version 7.0.5, and from version 7.1.0 before version 7.1.1 allows local system attackers who have permission to write a DLL file in a directory in the global path environmental variable to inject code &...

7.8 CVSS · 5.9 AI score
Exploits: 0 · References: 1
NVD
added 2019/11/27 6:15 p.m. · 20 views

CVE-2012-2248

An issue was discovered in dhclient 4.3.1-6 due to an embedded path variable...

9.3 CVSS · 8 AI score · 0.0244 EPSS
Exploits: 0 · References: 13
OSV
added 2019/11/27 6:15 p.m. · 3 views

DEBIAN-CVE-2012-2248

An issue was discovered in dhclient 4.3.1-6 due to an embedded path variable...

8.1 CVSS · 7.9 AI score · 0.0244 EPSS
Exploits: 0 · References: 1
OSV
added 2019/11/27 6:15 p.m. · 8 views

CVE-2012-2248

An issue was discovered in dhclient 4.3.1-6 due to an embedded path variable...

8.1 CVSS · 6.7 AI score · 0.0244 EPSS
Exploits: 0 · References: 25
UbuntuCve
added 2019/11/27 6:15 p.m. · 29 views

CVE-2012-2248

An issue was discovered in dhclient 4.3.1-6 due to an embedded path variable...

9.3 CVSS · 7.1 AI score · 0.0244 EPSS
Exploits: 0 · References: 1
Cvelist
added 2019/11/27 5:40 p.m. · 18 views

CVE-2012-2248

An issue was discovered in dhclient 4.3.1-6 due to an embedded path variable...

8 AI score · 0.0244 EPSS
Exploits: 0 · References: 13
Debian CVE
added 2019/11/27 5:40 p.m. · 18 views

CVE-2012-2248

An issue was discovered in dhclient 4.3.1-6 due to an embedded path variable...

9.3 CVSS · 8 AI score · 0.0244 EPSS
Exploits: 0
CVE
added 2019/11/27 5:40 p.m. · 49 views

CVE-2012-2248

CVE-2012-2248 affects dhclient 4.3.1-6 due to an embedded path variable, described across multiple sources as a path traversal issue. The available connected documents consistently identify the problem as a vulnerability in the dhclient component, but do not provide concrete exploitation steps, a...

9.3 CVSS · 7.9 AI score · 0.0244 EPSS
Exploits: 0 · References: 13 · Affected Software: 1
NVD
added 2019/05/17 6:29 p.m. · 10 views

CVE-2018-16156

In PaperStream IP TWAIN 1.42.0.5685 Service Update 7, the FJTWSVIC service running with SYSTEM privilege processes unauthenticated messages received over the FjtwMkicFjicube32 named pipe. One of these message processing functions attempts to dynamically load the UninOldIS.dll library and executes...

7.8 CVSS · 7.8 AI score · 0.13853 EPSS
Exploits: 4 · References: 2
NVD
added 2017/08/02 7:29 p.m. · 15 views

CVE-2017-7642

The sudo helper in the HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion before 4.0.21 allows local users to gain root privileges by leveraging failure to verify the path to the encoded ruby script or scrub the PATH variable...

7.8 CVSS · 7.7 AI score · 0.00385 EPSS
Exploits: 3 · References: 4
Cvelist
added 2017/08/02 7:0 p.m. · 20 views

CVE-2017-7642

The sudo helper in the HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion before 4.0.21 allows local users to gain root privileges by leveraging failure to verify the path to the encoded ruby script or scrub the PATH variable...

7.7 AI score · 0.00385 EPSS
Exploits: 3 · References: 4
Prion
added 2016/12/02 5:59 p.m. · 10 views

Design/Logic Flaw

In BMC Patrol before 9.13.10.02, the binary "listguests64" is configured with the setuid bit. However, when executing it, it will look for a binary named "virsh" using the PATH environment variable. The "listguests64" program will then run "virsh" using root privileges. This allows local users to...

7.2 CVSS · 6.9 AI score · 0.00054 EPSS
Exploits: 1 · References: 3 · Affected Software: 1
seebug.org
added 2014/07/01 12:0 a.m. · 12 views

Progress Database 9.1 Environment Variable Local Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7916/info It has been reported that Progress database does not properly handle untrusted input when opening shared libraries. Specifically, the dlopen function used by several Progress utilities checks the user's PATH...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. · 19 views

Roxio Toast 7 DejaVu Component PATH Variable Local Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19596/info Roxio Toast is prone to a local privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. As a result, local users may set their own search path for external applications tha...

7.1 AI score
Exploits: 0