EUVD-2005-0228

Malware in sbrugna...

curl: Title: Remote Code Execution (RCE) via Arbitrary Library Loading in `--engine` option

Summary: The curl command-line tool is vulnerable to Arbitrary Code Execution on POSIX-like systems Linux, macOS, etc.. The --engine option allows loading an OpenSSL crypto engine from a shared library .so file. Crucially, this option accepts an absolute or relative path to the library file,...

CVE-2024-7262

Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.16412 exclusive on Windows allows an attacker to load an arbitrary Windows library. The vulnerability was found weaponized as a single-click exploit in the form of a deceptive...

CVE-2024-11957

Improper verification of the digital signature in ksojscore.dll in Kingsoft WPS Office in versions equal or less than 12.1.0.18276 on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.2.0.16909 to mitigate CVE-2024-7262 was not restrictive enough...

CVE-2024-11957

Improper verification of the digital signature in ksojscore.dll in Kingsoft WPS Office in versions equal or less than 12.1.0.18276 on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.2.0.16909 to mitigate CVE-2024-7262 was not restrictive enough...

CVE-2024-7263

Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.17115 exclusive on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.1.0.17119 to mitigate CVE-2024-7262 was not restrictive enough...

CVE-2024-7262

Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.16412 exclusive on Windows allows an attacker to load an arbitrary Windows library. The vulnerability was found weaponized as a single-click exploit in the form of a deceptive...

PT-2023-14903 · Changingtec · Servisign

Name of the Vulnerable Software and Affected Versions: ChangingTec ServiSign affected versions not specified Description: The issue is related to a path traversal vulnerability due to insufficient filtering for special characters in the DLL file path. An unauthenticated remote attacker can host a...

Samsung SMR 安全漏洞

Samsung SMR is a system firmware from Samsung South Korea. It provides storage for system applications. A security vulnerability exists in SMR Mar-2021 Release 1 that allows an attacker to load arbitrary ELF libraries in the DSP. No details of the vulnerability are provided at this time...

CVE-2020-12050

SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.9996-4, has a race condition leading to root privilege escalation because any user can replace a /tmp/sqliteodbc$$ file with new contents that cause loading of an arbitrary library...

OpenSSH < 7.4 - agent Protocol Arbitrary Library Loading

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1009 The OpenSSH agent permits its clients to load PKCS11 providers using the commands SSHAGENTCADDSMARTCARDKEY and SSHAGENTCADDSMARTCARDKEYCONSTRAINED if OpenSSH was compiled with the ENABLEPKCS11 flag normally enabled and the age...

DLA-473-1 wpa - security update

Bulletin has no description...

CVE-2016-4477

wpasupplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service daemon outage, via a crafted 1 SET, 2 SETCRED, or 3 SETNETWORK command...

CVE-2016-4477

CVE-2016-4477 affects wpa_supplicant (and hostapd) when updating WPA/WPA2 passphrases: input containing newline/control characters can cause the updated configuration to execute code or disrupt service. In practice, this enables local privilege escalation via the control interface (SET_NETWORK) a...

CVE-2016-4477

wpasupplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service daemon outage, via a crafted 1 SET, 2 SETCRED, or 3 SETNETWORK command...

IBM AIX 5.3 SP6 - pioout Arbitrary Library Loading Privilege Escalation

IBM AIX 5.3 SP6 - pioout Arbitrary Library Loading Privilege Escalation !/bin/sh 07/2007: public release IBM AIX piolib.c include void init attribute constructor; void init seteuid0; setuid0; putenv"HISTFILE=/dev/null"; execl"/bin/bash", "bash", "-i", void 0; execl"/bin/sh", "sh", "-i", void 0;...

iDefense Security Advisory 07.26.07: IBM AIX pioout Arbitrary Library Loading Vulnerability

IBM AIX pioout Arbitrary Library Loading Vulnerability iDefense Security Advisory 07.26.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 26, 2007 I. BACKGROUND The pioout program is a setuid root application, installed by default under multiple versions of IBM AIX, that is used to...

Arbitrary Library Loading in Informix

NGSSoftware Insight Security Research Advisory Name: Arbitrary Library Loading in Informix Systems Affected: All versions of Informix Severity: High Vendor URL: http://www.ibm.com/ Author: David Litchfield [email protected] Date of Public Advisory: 2nd August 2006 Advisory number:...

[Full-disclosure] iDefense Security Advisory 02.07.06: QNX Neutrino RTOS crttrap Arbitrary Library Loading Vulnerability

QNX Neutrino RTOS crttrap Arbitrary Library Loading Vulnerability iDefense Security Advisory 02.07.06 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=379 February 7, 2006 I. BACKGROUND QNX Software Systems Ltd.'s Neutrino RTOS QNX is a real-time operating system designed for u...

iDEFENSE Security Advisory 08.29.05: Adobe Version Cue VCNative Arbitrary Library Loading Vulnerability

Adobe Version Cue VCNative Arbitrary Library Loading Vulnerability iDEFENSE Security Advisory 08.29.05 www.idefense.com/application/poi/display?id=296&type=vulnerabilities August 29, 2005 I. BACKGROUND Adobe Version Cue is a software version tracking system for Adobe products distributed with Ado...