14 matches found
EUVD-2020-17744
Malware in sbrugna...
CVE-2024-32986
PWAsForFirefox is a tool to install, manage and use Progressive Web Apps PWAs in Mozilla Firefox. Due to improper sanitization of web app properties such as name, description, shortcuts, web apps were able to inject additional lines into XDG Desktop Entries on Linux and AppInfo.ini on...
CVE-2020-21838
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read2004sectionappinfo ../../src/decode.c:2842...
PWAsForFirefox 安全漏洞
PWAsForFirefox is a Filip Š Individual Developer's tool for installing, managing and using Progressive Web Applications PWAs in Mozilla Firefox. A security vulnerability exists in PWAsForFirefox versions prior to v2.12.0, which stems from improper cleanup of web application properties, where a we...
New Agenda Ransomware Variant, Written in Rust, Aiming at Critical Infrastructure
A Rust variant of a ransomware strain known as Agenda has been observed in the wild, making it the latest malware to adopt the cross-platform programming language after BlackCat, Hive, Luna, and RansomExx. Agenda, attributed to an operator named Qilin, is a ransomware-as-a-service RaaS group that...
PowerJob 安全漏洞
PowerJob is an open source distributed computing and job scheduling framework that allows developers to easily schedule tasks in their own applications. a security vulnerability exists in PowerJob 3.2.2 and prior versions. An attacker could exploit the vulnerability to change an arbitrary user...
GNU LibreDWG 缓冲区错误漏洞
LibreDWG is a free C library for reading and writing DWG files. A heap buffer overflow vulnerability exists in GNU LibreDWG version 0.10. An attacker can exploit this vulnerability via the read2004sectionappinfo ... /... /src/decode.c:2842 to exploit the vulnerability and cause a heap buffer...
CVE-2020-25051
An issue was discovered on Samsung mobile devices with P9.0 and Q10.0 software. Attackers can bypass Factory Reset Protection FRP via AppInfo. The Samsung ID is SVE-2020-17758 August 2020...
Design/Logic Flaw
An issue was discovered on Samsung mobile devices with P9.0 and Q10.0 software. Attackers can bypass Factory Reset Protection FRP via AppInfo. The Samsung ID is SVE-2020-17758 August 2020...
CVE-2020-25051
An issue was discovered on Samsung mobile devices with P9.0 and Q10.0 software. Attackers can bypass Factory Reset Protection FRP via AppInfo. The Samsung ID is SVE-2020-17758 August 2020...
CVE-2020-25051
CVE-2020-25051 affects Samsung mobile devices running Android P (9.0) and Q (10.0). The vulnerability permits bypassing Factory Reset Protection (FRP) via AppInfo, as described across multiple sources (NVD entry, Red Hat advisory, NCSC summary) with Samsung’s ID SVE-2020-17758. The exact affected...
AppInfo AiCheckSecureApplicationDirectory Bypass
The AppInfo service handles requests for UAC elevation. There’s an issue with the checking of secure directories which allows a user to install a UIAccess application without requiring full access to a secure directory leading to the potential for EoP Recent assessments: busterb at May 09, 2019...
Microsoft Windows 10 - Desktop Bridge Activation Arbitrary Directory Creation Privilege Escalation
Microsoft Windows 10 - Desktop Bridge Activation Arbitrary Directory Creation Privilege Escalation Windows: Desktop Bridge Activation Arbitrary Directory Creation EoP Platform: Windows 10 1703, 1709 not tested RS4 Class: Elevation of Privilege Summary: The activator for Desktop Bridge application...
Windows 10 - #Windows10 Desktop Bridge Activation Arbitrary Directory Creation Privilege Escalation
Exploit for windows platform in category dos / poc Windows: Desktop Bridge Activation Arbitrary Directory Creation EoP Platform: Windows 10 1703, 1709 not tested RS4 Class: Elevation of Privilege Summary: The activator for Desktop Bridge applications calls CreateAppContainerToken while running as...