Lucene search

31210 matches found

NVD
added 2025/07/08 2:15 p.m. · 3 views

CVE-2025-47422

Advanced Installer before 22.6 has an uncontrolled search path element local privilege escalation vulnerability. When running as SYSTEM in certain configurations, Advanced Installer looks in standard-user writable locations for non-existent binaries and executes them as SYSTEM. A low-privileged...

CVSS 7.5 · EPSS 0.00441
Exploits: 0 · References: 3

ATTACKERKB
added 2025/07/08 12:48 p.m. · 0 views

CVE-2025-21432

Memory corruption while retrieving the CBOR data from TA...

CVSS 7.8 · AI score 5.8 · EPSS 0.00082
Exploits: 0 · References: 2

CNNVD
added 2025/07/08 12:0 a.m. · 3 views

Qualcomm Chipsets Resource Management Error Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A resource management error vulnerability exists in Qualcomm Chipsets that stems from a memory corruption when retrieving CBOR data from TA...

CVSS 7.8 · AI score 6.8 · EPSS 0.00082
Exploits: 0 · References: 2

Positive Technologies
added 2025/07/08 12:0 a.m. · 2 views

PT-2025-28503

Name of the Vulnerable Software and Affected Versions: Juju versions prior to 3.6.8; Juju versions prior to 2.9.52. Description: The issue allows any authenticated controller user to upload arbitrary agent binaries to any model or to the controller itself without verifying model membership or...

CVSS 8.8 · AI score 7.3 · EPSS 0.00569
Exploits: 1 · References: 13

CVE
added 2025/07/08 12:0 a.m. · 17 views

CVE-2025-47422

CVE-2025-47422 affects Advanced Installer prior to 22.6. The flaw is an uncontrolled search path element that, when running as SYSTEM, can read non-existent binaries from standard-user writable locations and execute them with SYSTEM privileges, allowing arbitrary SYSTEM code execution if a malici...

CVSS 7.5 · AI score 7.8 · EPSS 0.00441
Exploits: 0 · References: 3

Cvelist
added 2025/07/08 12:0 a.m. · 8 views

CVE-2025-47422

Advanced Installer before 22.6 has an uncontrolled search path element local privilege escalation vulnerability. When running as SYSTEM in certain configurations, Advanced Installer looks in standard-user writable locations for non-existent binaries and executes them as SYSTEM. A low-privileged...

EPSS 0.00441
Exploits: 0 · References: 3

Positive Technologies
added 2025/07/08 12:0 a.m. · 2 views

PT-2025-28461 · Unknown · Advanced Installer

Name of the Vulnerable Software and Affected Versions: Advanced Installer versions prior to 22.6. Description: The issue is related to an uncontrolled search path element local privilege escalation. When running as SYSTEM in certain configurations, Advanced Installer looks in standard-user writabl...

CVSS 7.5 · AI score 6.9 · EPSS 0.00441
Exploits: 0 · References: 5

Packet Storm News
added 2025/07/07 12:0 a.m. · 4 views

Cyclic Equalizability of Words and Its Application to Card-Based Cryptography

Card-based cryptography is a research area to implement cryptographic procedures using a deck of physical cards. In recent years, it has been found to be related to finite group theory and algebraic combinatorics, and is becoming more and more closely connected to the field of mathematics. In thi...

AI score 6.4
Exploits: 0

Tenable Nessus
added 2025/07/07 12:0 a.m. · 4 views

IBM App Connect Enterprise (ACE) Detection (Windows)

Binary data ibmacewininstalled.nbin...

AI score 7.3
Exploits: 0 · References: 1

Gitee
added 2025/07/06 3:24 a.m. · 73 views

50M_CTF_Writeup

It is an offensive tool for CTF (Capture The Flag) challenges. The repository contains a writeup for a $50 million CTF challenge, which includes a binary image that needs to be decoded to reveal a hidden message. The binary image is encoded with a repeating sequence of binary digits, which can be...

AI score 7.1
Exploits: 0

CNNVD
added 2025/07/06 12:0 a.m. · 3 views

Comodo Internet Security Premium Command Injection Vulnerability

Comodo Internet Security Premium is a suite of computer security software from Comodo, Inc. that focuses on Internet security. A command injection vulnerability exists in Comodo Internet Security Premium version 12.3.4.8162, which stems from incorrect manipulation of the parameter binary/params...

CVSS 9.2 · AI score 8.4 · EPSS 0.04697
Exploits: 1 · References: 5

RedhatCVE
added 2025/07/05 1:21 p.m. · 7 views

CVE-2025-49595

n8n is a workflow automation platform. Prior to version 1.99.0, there is a denial of service vulnerability in the /rest/binary-data endpoint when processing empty filesystem URIs (filesystem:// or filesystem-v2://). This allows authenticated attackers to cause service unavailability through malformed...

CVSS 4.9 · AI score 6.2 · EPSS 0.00379
Exploits: 0 · References: 1

OSV
added 2025/07/04 1:13 p.m. · 7 views

CVE-2025-46733 REE userspace code can panic TAs, leading to fTPM PCR reset and data disclosure

OP-TEE is a Trusted Execution Environment (TEE) designed as a companion to a non-secure Linux kernel running on Arm Cortex-A cores using the TrustZone technology. In version 4.5.0, using a specially crafted tee-supplicant binary running in REE userspace, an attacker can trigger a panic in a TA that...

CVSS 7.9 · AI score 6.4 · EPSS 0.0014
Exploits: 0 · References: 4

Github Security Blog
added 2025/07/03 2:6 p.m. · 10 views

n8n Vulnerable to Denial of Service via Malformed Binary Data Requests

Summary: Denial of Service vulnerability in /rest/binary-data endpoint when processing empty filesystem URIs (filesystem:// or filesystem-v2://). Impact: This is a Denial of Service (DoS) vulnerability that allows authenticated attackers to cause service unavailability through malformed filesystem URI...

CVSS 4.9 · AI score 6.8 · EPSS 0.00379
Exploits: 0 · References: 5 · Affected Software: 1

OSV
added 2025/07/03 2:6 p.m. · 5 views

GHSA-PR9R-GXGP-9RM8 n8n Vulnerable to Denial of Service via Malformed Binary Data Requests

Summary: Denial of Service vulnerability in /rest/binary-data endpoint when processing empty filesystem URIs (filesystem:// or filesystem-v2://). Impact: This is a Denial of Service (DoS) vulnerability that allows authenticated attackers to cause service unavailability through malformed filesystem URI...

CVSS 4.9 · AI score 6 · EPSS 0.00379
Exploits: 0 · References: 5

CVE
added 2025/07/03 12:16 p.m. · 26 views

CVE-2025-49595

CVE-2025-49595 affects n8n prior to 1.99.0, where the /rest/binary-data endpoint is vulnerable to DoS via empty filesystem URIs (filesystem:// or filesystem-v2://). Authenticated attackers can exhaust resources and disrupt service (including n8n.cloud), with observed HTTP/2 524 timeouts. The issu...

CVSS 4.9 · AI score 6.4 · EPSS 0.00379
Exploits: 0 · References: 3 · Affected Software: 1

Tenable Nessus
added 2025/07/03 12:0 a.m. · 6 views

Multiple Printer Devices Information Disclosure (CVE-2024-51977)

Binary data printercve-2024-51977.nbin...

CVSS 5.3 · AI score 7.9 · EPSS 0.7656
Exploits: 0 · References: 3

OSV
added 2025/06/30 11:15 p.m. · 1 views

CVE-2025-6931

A vulnerability classified as problematic was found in D-Link DCS-6517 and DCS-7517 up to 2.02.0. Affected by this vulnerability is the function generatepassfrommac of the file /bin/httpd of the component Root Password Generation Handler. The manipulation leads to insufficient entropy. The attack...

CVSS 7.4 · AI score 4.2 · EPSS 0.01586
Exploits: 1 · References: 8

CNVD
added 2025/06/30 12:0 a.m. · 1 views

Binary Vulnerability in Unisys UOS Browser at Unisys Software Technology Ltd.

Unisys Software Technology Co., Ltd. is a company specializing in the development and service of operating systems. A binary vulnerability exists in the Unisys UOS Browser, which can be exploited by attackers to cause a denial of service...

AI score 6.7
Exploits: 0

CNVD
added 2025/06/30 12:0 a.m. · 3 views

Binary Vulnerability in Unisys UOS Browser at Unisys Software Technology Limited (CNVD-2025-18469)

Unisys Software Technology Co., Ltd. is a company specializing in the development and service of operating systems. A binary vulnerability exists in the Unisys UOS Browser, which can be exploited by attackers to cause a denial of service...

AI score 6.7
Exploits: 0