CVE-2023-27593

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, an attacker with access to a Cilium agent pod can write to /opt/cni/bin due to a hostPath mount of that directory in the agent pod. By replacing the CNI binary...

CVE-2023-27197

PAX A930 device with PayDroid7.1.1VirgoV04.5.0220220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability...

CVE-2023-25081

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVE-2023-33626

D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary...

CVE-2023-25105

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVE-2023-24591

Uncontrolled search path in some IntelR Binary Configuration Tool software before version 3.4.4 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2022-41201

Due to lack of proper memory management, when a victim opens a manipulated Right Hemisphere Binary .rh, rh.x3d file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overfl...

CVE-2022-36306

An authenticated attacker can enumerate and download sensitive files, including the eNodeB's web management UI's TLS private key, the web server binary, and the web server configuration file. These vulnerabilities were found in AirVelocity 1500 running software version 9.3.0.01249, were still...

CVE-2022-37173

An issue in the installer of gvim 9.0.0000 allows authenticated attackers to execute arbitrary code via a binary hijacking attack on C:\Program.exe...

CVE-2022-32852

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory...

CVE-2022-32797

This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory...

CVE-2022-4969

A vulnerability, which was classified as critical, has been found in bwoodsend rockhopper up to 0.1.2. Affected by this issue is the function countrows of the file rockhopper/src/raggedarray.c of the component Binary Parser. The manipulation of the argument raw leads to buffer overflow. Local...

CVE-2022-48199

SoftPerfect NetWorx 7.1.1 on Windows allows an attacker to execute a malicious binary with potentially higher privileges via a low-privileged user account that abuses the Notifications function. The Notifications function allows for arbitrary binary execution and can be modified by any user. The...

CVE-2022-40109

TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable to Insecure Permissions via binary /bin/boa...

Cisco AppDynamics Installed (Linux / Unix)

Binary data ciscoappdynamicsnixinstalled.nbin...

Intel oneAPI Level Zero Installed (Linux / Unix)

Binary data intelopenapilevel-zeronixinstalled.nbin...

SOLIDWORKS 3D CAD Installed (Windows)

Binary data solidworks3dcadwininstalled.nbin...

MDaemon Email Server Installed (Windows)

Binary data mdaemonemailserverwininstalled.nbin...

The vulnerability of the SubUPnPCSInit function in the /sbin/udev file of D-Link DCS-932L microprogrammed IP camera software allows a intruder to trigger a service failure.

The vulnerability of the SubUPnPCSInit function in the /sbin/udev file of D-Link DCS-932L microprogrammed IP camera software is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

WordPress plugin Binary MLM Plan SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...