Azure Identity Library Installed (Windows)

Binary data azureidentitywininstalled.nbin...

Autodesk Maya Plugins Installed (Windows)

Binary data autodeskmayawinpluginsdetect.nbin...

PersistBOF - Tool To Help Automate Common Persistence Mechanisms

A tool to help automate common persistence mechanisms. Currently supports Print Monitor SYSTEM, Time Provider Network Service, Start folder shortcut hijacking User, and Junction Folder User Usage Clone, run make, add .cna to Cobalt Strike client. run: help persist-ice in CS console Syntax:...

Traccar Code Issues Vulnerabilities

Traccar is the United States Traccar company of a Java-based GPS tracking can provide the function of building the system . The software supports more than 170 kinds of GPS protocols and more than 1500 models of GPS tracking devices . traccar can be used with any major SQL database system . It al...

BitDefender Endpoint Security Tools Detection (Windows)

Binary data bitdefenderendpointsecuritytoolsinstalled.nbin...

Palo Alto GlobalProtect Agent Installed (Windows)

Binary data paloaltoglobalprotectagentwininstalled.nbin...

SonicOS SSLVPN NACAgent 3.5 windows binary is vulnerable to Unquoted Service Path Privilege Escalation vulnerability

Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code execution. CVE: CVE-2019-7487 Last updated: Dec. 18, 2019, 10:11 p.m...

IBM Websphere Application Server - Network Deployment Untrusted Data Deserialization Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM Websphere Application Server Network Deployment Untrusted Data Deserialization Remote Code Execution', 'Description' = % This module exploits...

IBM Websphere Application Server Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM Websphere Application Server Network Deployment Untrusted Data Deserialization Remote Code Execution', 'Description' = % This module exploits...

VMware vRealize Operations for Published Applications Desktop Agent Installed (Windows)

Binary data vmwarevrealizeoperationspublishedapplicationsdesktopagentinstalled.nbin...

CVE-2014-9920

Unauthorized execution of binary vulnerability in McAfee now Intel Security McAfee Application Control MAC 6.0.0 before hotfix 9726, 6.0.1 before hotfix 9068, 6.1.0 before hotfix 692, 6.1.1 before hotfix 399, 6.1.2 before hotfix 426, and 6.1.3 before hotfix 357 and earlier allows attackers to...

CVE-2014-9920

CVE-2014-9920 affects McAfee Application Control (MAC) 6.x before specific hotfixes (9726 for 6.0.0, 9068 for 6.0.1, 692 for 6.1.0, 399 for 6.1.1, 426 for 6.1.2, 357 for 6.1.3 and earlier). A malformed Windows binary can be created that is treated as non-executable and bypasses the whitelisting p...

Pattern Matching Swiss Knife: YARA

YARA is a tool aimed at but not limited to helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families or whatever you want to describe based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strin...

New Utility Decrypts Files Lost to TeslaCrypt Ransomware

Crypto-ransomware variants have enterprises on edge because of the threat of irreversibly damaged files. Some organizations, including most recently the Tewksbury, Ma., police department have gone as far as to pay hundreds of dollars in ransom for the recovery key. Some technology companies are...

Tenable Log Correlation Engine (LCE) Windows Client Installed (credentialed check)

Binary data lceclientinstalledwin.nbin...

MySQL 3.20.32/3.22.x/3.23.x Null Root Password Weak Default Configuration Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/5503/info MySQL is is an open source relational database project, and is available for a number of operating systems, including Microsoft Windows. A weak default configuration problem has been reported in the Windows bina...

McAfee SaaS MyCioScan ShowReport Remote Command Execution

This module exploits a vulnerability found in McAfee Security-as-a-Service. The ShowReport function located in the myCIOScn.dll ActiveX component fails to check the FileName argument, and passes it on to a ShellExecuteW function, therefore allows any malicious attacker to execute any process that...

Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096)

The Windows binary GSV48W32.EXE of "gsview" http://pages.cs.wisc.edu/ghost/gsview/ ftp://mirror.cs.wisc.edu/pub/mirrors/ghost/ghostgum/gsv48w32.exe ships with a zlib32.dll originally named zlib.dll v1.2.2 http://www.zlib.net/ which is vulnerable to CAN-2005-2096. The zlib32.dll is dated 2005-03-0...

MySQL 3.20.323.22.x3.23.x - Null Root Password Weak Default Configuration (2)

MySQL 3.20.323.22.x3.23.x - Null Root Password Weak Default Configuration 2 / source: https://www.securityfocus.com/bid/5503/info MySQL is is an open source relational database project, and is available for a number of operating systems, including Microsoft Windows. A weak default configuration...

MySQL 3.20.323.22.x3.23.x - Null Root Password Weak Default Configuration (1)

MySQL 3.20.323.22.x3.23.x - Null Root Password Weak Default Configuration 1 / source: https://www.securityfocus.com/bid/5503/info MySQL is is an open source relational database project, and is available for a number of operating systems, including Microsoft Windows. A weak default configuration...