CVE-2019-11200

Dolibarr ERP/CRM 9.0.1 provides a web-based functionality that backs up the database content to a dump file. However, the application performs insufficient checks on the export parameters to mysqldump, which can lead to execution of arbitrary binaries on the server. Malicious binaries can be...

CVE-2019-10575

Wlan binary which is not signed with OEMs RoT is working on secure device without authentication failure in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in SDA845, SDM845, SDM850...

CVE-2019-15119

lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user...

CVE-2019-16444

Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a binary planting default folder privilege escalation vulnerability. Successful exploitation could lead t...

CVE-2019-0381

A binary planting in SAP SQL Anywhere, before version 17.0, SAP IQ, before version 16.1, and SAP Dynamic Tier, before versions 1.0 and 2.0, can result in the inadvertent access of files located in directories outside of the paths specified by the user...

CVE-2012-2493

The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 on Windows, and 2.x before 2.5 MR6 and 3.x before 3.0 MR8 on Mac OS X and Linux, does not properly validate binaries that are received by the downloader process, which allows...

CVE-2018-1000857

log-user-session version 0.7 and earlier contains a Directory Traversal vulnerability in Main SUID-binary /usr/local/bin/log-user-session that can result in User to root privilege escalation. This attack appear to be exploitable via Malicious unprivileged user executes the vulnerable binary/remot...

Ivanti Endpoint Manager Mobile Installed (Linux Agent)

Binary data ivantiendpointmanagermobilenixinstalled.nbin...

Secure Parsing and Serializing with Separation Logic Applied to CBOR, CDDL, and COSE

Incorrect handling of security-critical data formats, particularly in low-level languages, are the root cause of many security vulnerabilities. Provably correct parsing and serialization tools that target languages like C can help. Towards this end, we present PulseParse, a library of verified...

PT-2025-22533 · Unknown · Nexus Series +2

Name of the Vulnerable Software and Affected Versions: ASPECT-Enterprise versions through 3. NEXUS Series versions through 3. MATRIX Series versions through 3. Description: The issue is related to DLL's not being digitally signed when loaded in ASPECT's configuration toolset. This exposes the...

ReCopilot: Reverse Engineering Copilot in Binary Analysis

Binary analysis plays a pivotal role in security domains such as malware detection and vulnerability discovery, yet it remains labor-intensive and heavily reliant on expert knowledge. General-purpose large language models LLMs perform well in programming analysis on source code, while...

CVE-2002-2221

Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2.4.1 and earlier allows local users to gain privileges via a modified PATH that references a malicious cp binary. NOTE: this issue might overlap CVE-2006-6639...

CVE-2025-5051

A vulnerability classified as critical has been found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component BINARY Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may...

CVE-2025-5051 FreeFloat FTP Server BINARY Command buffer overflow

A vulnerability classified as critical has been found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component BINARY Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may...

CVE-2025-5051 FreeFloat FTP Server BINARY Command buffer overflow

A vulnerability classified as critical has been found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component BINARY Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may...

FreeFloat FTP Server 安全漏洞

FreeFloat FTP Server is a FTP Server software developed by FreeFloat Inc. FreeFloat FTP Server suffers from a BINARY command buffer overflow vulnerability. The vulnerability is caused due to incorrect boundary checking in the component BINARY command handler, and no detailed vulnerability details...

[slackware-security] glibc

New glibc packages are available for Slackware 15.0 to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/aaaglibc-solibs-2.33-i586-8slack15.0.txz: Rebuilt. patches/packages/glibc-2.33-i586-8slack15.0.txz: Rebuilt. This update fixes a security issue: el...

Exploit for CVE-2025-40634

CVE-2025-40634 The TP-Link Archer AX50 router is vulnerable t...

PT-2025-22127 · Tp Link · Tp-Link Archer C50

Name of the Vulnerable Software and Affected Versions: TP-Link Archer AX50 versions prior to 1.0.15 build 241203 rel61480 Description: The issue is a stack-based buffer overflow vulnerability in the 'conn-indicator' binary running as root on the TP-Link Archer AX50 router. This vulnerability allo...

Zscaler Client Connector Installed (macOS)

Binary data zscalerclientconnectormacosinstalled.nbin...