FreeBSD : age -- age vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution (d9b0fea0-d564-11ef-b9bc-d05099c0ae8c)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d9b0fea0-d564-11ef-b9bc-d05099c0ae8c advisory. Filippo Valsorda reports: A plugin name containing a path separator may allow an attacker to execute an...
CVE-2024-45832
Hard-coded credentials were included as part of the application binary. These credentials served as part of the application authentication flow and communication with the mobile application. An attacker could access unauthorized information...
CVE-2024-45832
CVE-2024-45832 involves Ossur Mobile Logic Application with hard-coded credentials embedded in the binary, enabling an attacker to access unauthorized information. Connected sources indicate vulnerable versions before 1.5.5 (CNNVD) and reiterate the issue across Red Hat and CVE feeds; exploitatio...
CVE-2024-13503 Stack-Based Buffer Overflow in Newtec's update signaling causes RCE
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in Newtec NTC2218, NTC2250, NTC2299 on Linux, PowerPC, ARM Updating signaling process in the swdownload binary modules allows Local Execution of Code, Remote Code Inclusion. This issue affects NTC2218, NTC2250,...
CVE-2024-13503
CVE-2024-13503 affects Newtec NTC2218, NTC2250 and NTC2299 on Linux (PowerPC/ARM). A stack buffer overflow in the swdownload binary is caused by an unrestricted sscanf in the parse_INFO function, reading an incoming network packet into a fixed-size buffer. This leads to arbitrary code execution w...
RedShift JDBC Installed
Binary data redshiftjdbcinstalled.nbin...
SonarSource SonarQube Server Web Interface Detection
Binary data sonarsourcesonarqubeserverwebdetect.nbin...
AWS RedShift Python Connector Detection
Binary data pythonredshiftconnectordetect.nbin...
PT-2025-2193 · Newtec · Newtec Ntc2299 +2
Name of the Vulnerable Software and Affected Versions: Newtec NTC2218, NTC2250, NTC2299 versions 1.0.1.1 through 2.2.6.19 Description: A buffer overflow issue in the swdownload binary allows attackers to execute arbitrary code. The parse_INFO function uses an unrestricted sscanf to read a string ...
USN-7208-1: Apache Commons BCEL vulnerability
Felix Wilhelm discovered that Apache Commons BCEL APIs incorrectly handled parameters due to a memory issue. An attacker supplying malicious input could exploit this to generate and execute arbitrary bytecode...
BIT-PYTHON-MIN-2020-10735
A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are no...
PT-2025-1566 · Nvidia · Nvidia Container Toolkit
Name of the Vulnerable Software and Affected Versions: NVIDIA Container Toolkit versions are affected, but specific versions are not provided in the input data. Description: The issue is related to an improper isolation vulnerability where a specially crafted container image could lead to...
NorthGrid Proself Installed (Windows)
Binary data northgridproselfwininstalled.nbin...
NorthGrid Proself Installed (Linux)
Binary data northgridproselflinuxinstalled.nbin...
PT-2025-19367 · Git +1 · Assimp
Name of the Vulnerable Software and Affected Versions: Assimp affected versions not specified Description: The software is susceptible to a heap-buffer-overflow READ issue. This occurs during the WriteObjects function within the Assimp::FBXExporter class, which is called by ExportBinary and...
BIT-PHP-MIN-2024-8927 cgi.force_redirect configuration is bypassable due to the environment variable collision
In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, HTTP_REDIRECT_STATUS variable is used to check whether or not CGI binary is being run by the HTTP server. However, in certain scenarios, the content of this variable can be controlled by the request submitter via HTTP...
Improper Handling of Syntactically Invalid Structure
Overview: Affected versions of this package are vulnerable to Improper Handling of Syntactically Invalid Structure due to the parsing process. An attacker can cause the application to crash by sending specially crafted BER/DER data. Remediation: Upgrade swift-asn1 to version 1.3.1 or higher...
Microsoft Azure On-Premises Data Gateway Installed (Windows)
Binary data microsoftazureon-premisesdatagatewaywininstalled.nbin...
SwiftASN1 security vulnerability
SwiftASN1 is an open source ASN.1 implementation of Swift by Apple. A security vulnerability exists in SwiftASN1 versions prior to 1.3.0 that stems from incorrect assumptions about the form of an object when parsing certain BER/DER constructs, which triggers a precondition failure when these...
CVE-2024-43662 Authenticated arbitrary file upload to /tmp/ and /tmp/upload/
The .exe or .exe CGI binary can be used to upload arbitrary files to /tmp/upload/ or /tmp/ respectively as any user, although the user interface for uploading files is only shown to the iocadmin user. This issue affects Iocharger firmware for AC models before version 24120701. Likelihood: Moderat...