openGauss: Restricting the Permission for the ${GAUSSHOME}/bin Directory

The $GAUSSHOME/bin directory stores database binary files. To prevent them from being tampered or damaged and protect customer information from security threats, this directory must be protected and deny unauthorized user access. Copyright C 2020 Greenbone Networks GmbH Some text descriptions mig...

GaussDB Kernel: Restricting the Permission for the ${GAUSSHOME}/bin Directory

The $GAUSSHOME /bin directory stores database binary files. To prevent them from being tampered or damaged and protect customer information from security threats, this directory must be protected and deny unauthorized user access. Copyright C 2020 Greenbone Networks GmbH Some text descriptions...

Heap overflow

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file in an instance in USDC file format PATHS section...

CVE-2020-6149

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file in an instance in USDC file format PATHS section...

CVE-2020-6147

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. This instance exists in the USDC file format FIELDS section decompression heap overflow...

CVE-2020-6155

Pixar OpenUSD 20.05 binary file format vulnerability: two code paths (compressed integer and floating-point arrays) can trigger a heap-based buffer overflow while decoding the reps array in binary USD files. The overflow arises when a size read from the file and a later, larger size are used to a...

Low: Red Hat Security Advisory: file security update

An update for file is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Arbitrary File Overwrite

npm is vulnerable to arbitrary file overwrite. The package does not prevent existing globally-installed binaries from being overwritten by other package installations in /usr/local/bin. This would allow the overwriting of binary files created from the first installation...

PT-2018-16226 · Insteon · Insteon Hub

Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1013 Description: An exploitable firmware update issue exists in the Insteon Hub. The HTTP server allows uploading arbitrary MPFS binaries, which can be modified to access hidden resources for uploading unsigned firmware...

Remote Desktop Caching - Tool To Recover Old RDP (mstsc) Session Information In The Form Of Broken PNG Files

This tool allows one to recover old RDP mstsc session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an...

CVE-2018-12889

An issue was discovered in CCN-lite 2.0.1. There is a heap-based buffer overflow in mkAddToRelayCacheRequest and in ccnlpopulatecache for an array lacking '\0' termination when reading a binary CCNx or NDN file. This can result in Heap Corruption. This was addressed by fixing the memory managemen...

CVE-2016-8742

The Windows installer that the Apache CouchDB team provides was vulnerable to local privilege escalation. All files in the install inherit the file permissions of the parent directory and therefore a non-privileged user can substitute any executable for the nssm.exe service launcher, or CouchDB...

radare2 - Unix-Like Reverse Engineering Framework And Commandline Tools

r2 is a rewrite from scratch of radare in order to provide a set of libraries and tools to work with binary files. The radare project started as a forensics tool, a scriptable command-line hexadecimal editor able to open disk files, but later support for analyzing binaries, disassembling code,...

Schneider Electric Pelco VideoXpert Privilege Escalation

Schneider Electric Pelco VideoXpert Privilege Escalations Vendor: Schneider Electric SE Product web page: https://www.pelco.com Affected version: Core Software 1.12.105 Media Gateway Software 1.12.26 Exports 1.12 Summary: VideoXpert is a video management solution designed for scalability, fitting...

Cisco Prime Network Privilege Escalation Vulnerability

A vulnerability in the installation procedure for Cisco Prime Network Software could allow an authenticated, local attacker to elevate their privileges to root privileges. The vulnerability is due to the use of incorrect installation and permission settings for binary files when the affected...

Cisco IOS XR Software Privilege Escalation Vulnerability (cisco-sa-20170621-ios1)

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges to the root level. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

Cisco IOS XR Software Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges to the root level. The vulnerability is due to incorrect permission settings on binary files in the affected software. An attacker could exploit this vulnerability by sending...

Linux heap overflow of Fastbin Attack examples detailed explanation-vulnerability warning-the black bar safety net

1. Summary In recent years the large CTF game, see a lot of times pwn the category title appears in the fastbin attack of the case, such as this year's defcon, the RCTF, the fat Hubble Cup, 0CTF final, etc., fastbin attack is a heap exploits are common, easy-to-use and effective attack, in the...

Cisco Hybrid Media Service Privilege Escalation Vulnerability

A vulnerability in the installation procedure of the Cisco Hybrid Media Service could allow an authenticated, local attacker to elevate privileges to the root level. The vulnerability is due to incorrect installation and permissions settings on binary files during the Hybrid Media Service...

Subversion 1.6.6/1.6.12 - Code Execution

This is an exploit for the subversion vulnerability published as CVE-2013-2088. Author: GlacierZ0ne [email protected] Exploit Type: Code Execution Access Type: Authenticated Remote Exploit Prerequisites: svn command line client available, subversion server exposes webdav through apache,...