EUVD-2008-5681
Malware in sbrugna...
EUVD-2024-17239
Malicious code in bioql PyPI...
EUVD-2024-39310
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2018-12322
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a heap out of bounds read in radare2 2.6.0 in 6502op in libr/anal/p/anal6502.c via a crafted iNES ROM binary file. CVE-2018-12322 Note that Nessus reli...
50M_CTF_Writeup
It is an offensive tool for CTF (Capture The Flag) challenges. The repository contains a writeup for a $50 million CTF challenge, which includes a binary image that needs to be decoded to reveal a hidden message. The binary image is encoded with a repeating sequence of binary digits, which can be...
CVE-2024-1491
The devices allow access to an unprotected endpoint that allows MPFS file system binary image upload without authentication. The MPFS2 file system module provides a light-weight read-only file system that can be stored in external EEPROM, external serial flash, or internal flash program memory...
CVE-2024-41988
CVE-2024-41988 affects TEM Opera Plus FM Family Transmitter (affected version: 35.45). An unprotected endpoint allows MPFS File System binary image upload without authentication, affecting the HTTP2 web server module and SNMP module (and shared storage access). This can be exploited to overwrite ...
CVE-2024-5509
Luxion KeyShot BIP File Parsing Uncontrolled Search Path Element Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target mus...
PT-2024-36477 · Luxion · Luxion Keyshot
Name of the Vulnerable Software and Affected Versions: Luxion KeyShot (affected versions not specified). Description: This issue allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this, where the target must visit a...
CVE-2024-1491 Electrolink FM/DAB/TV Transmitter Missing Authentication for Critical Function
The devices allow access to an unprotected endpoint that allows MPFS file system binary image upload without authentication. The MPFS2 file system module provides a light-weight read-only file system that can be stored in external EEPROM, external serial flash, or internal flash program memory...
CVE-2024-1491
CVE-2024-1491 affects Electrolink FM/DAB/TV Transmitters, where an unauthenticated unprotected endpoint permits MPFS2 file-system binary image uploads. The MPFS2 read-only storage can reside in external EEPROM/flash and backs the HTTP2 web server and other components; exploitation could overwrite...
Electrolink FM/DAB/TV Transmitter Access Control Error Vulnerability
The Electrolink FM/DAB/TV Transmitter is a series of transmitters from Electrolink. The Electrolink FM/DAB/TV Transmitter suffers from an access control error vulnerability that originates from allowing an attacker to access an unprotected endpoint and upload a binary image via the MPFS file syst...
TEM Opera Plus FM Family Transmitter 35.45 Remote Code Execution
Vendor: Telecomunicazioni Elettro Milano TEM S.r.l.; Product web page: https://www.tem-italy.it; Affected version: Software version: 35.45, Webserver version: 1.7; Summary: This new line of Opera plus FM Transmitters combines very high...
TEM Opera Plus FM Family Transmitter 35.45 Remote Code Execution
Summary: This new line of Opera plus FM Transmitters combines very high efficiency, high reliability and low energy consumption in compact solutions. They have innovative functions and features that can eliminate the costs required by additional equipment: automatic exchange of audio sources,...
libtiff: reachable assertion
A reachable assertion failure was found in libtiff's JBIG functionality. This flaw allows an attacker who can submit a crafted file to an application linked with libtiff and using the JBIG functionality to cause a crash via an assertion failure, leading to a denial of service. The exact mechanism...
openSUSE Security Update : viewvc (openSUSE-2021-123)
This update for viewvc fixes the following issues: update to 1.1.28 (boo#1167974, CVE-2020-5283): - security fix: escape subdir lastmod file name (#211) - fix standalone.py first request failure (#195) - suppress stack traces (with option to show) (#140) - distinguish text/binary/image files by icons (#166,...
Design/Logic Flaw
Multiple unspecified vulnerabilities in the web management interface in Avaya Communication Manager (CM) 3.1.x, 4.0.3, and 5.x allow remote attackers to read (1) configuration files, (2) log files, (3) binary image files, and (4) help files via unknown vectors...
CVE-2008-5710
Multiple unspecified vulnerabilities in the web management interface in Avaya Communication Manager (CM) 3.1.x, 4.0.3, and 5.x allow remote attackers to read (1) configuration files, (2) log files, (3) binary image files, and (4) help files via unknown vectors...