31219 matches found
RUSTSEC-2024-0432 Malicious plugin names, recipients, or identities can cause arbitrary binary execution
A plugin name containing a path separator may allow an attacker to execute an arbitrary binary. Such a plugin name can be provided to the rage CLI through an attacker-controlled recipient or identity string, or an attacker-controlled plugin name via the -j flag. On UNIX systems, a directory...
Malicious plugin names, recipients, or identities can cause arbitrary binary execution
A plugin name containing a path separator may allow an attacker to execute an arbitrary binary. Such a plugin name can be provided to the rage CLI through an attacker-controlled recipient or identity string, or an attacker-controlled plugin name via the -j flag. On UNIX systems, a directory...
rage vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution
A plugin name containing a path separator may allow an attacker to execute an arbitrary binary...
age vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution
A plugin name containing a path separator may allow an attacker to execute an arbitrary binary. Such a plugin name can be provided to the age CLI through an attacker-controlled recipient or identity string, or to the plugin.NewIdentity, plugin.NewIdentityWithoutData, or plugin.NewRecipient APIs. ...
age -- age vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution
Filippo Valsorda reports: A plugin name containing a path separator may allow an attacker to execute an arbitrary binary. Such a plugin name can be provided to the age CLI through an attacker-controlled recipient or identity string, or to the plugin.NewIdentity, plugin.NewIdentityWithoutData, or...
CVE-2024-36832
A NULL pointer dereference in D-Link DAP-1513 REVAFIRMWARE1.01 allows attackers to cause a Denial of Service DoS via a crafted web request without authentication. The vulnerability occurs in the /bin/webs binary of the firmware. When /bin/webs receives a carefully constructed HTTP request, it wil...
Siemens TeleControl Server Basic Redundancy Server Detection
Binary data siemenstelecontrolserverbasicredundancydetect.nbin...
Rclone Installed (Linux)
Binary data rclonenixinstalled.nbin...
Kolide Agent Installed (Windows)
Binary data kolideagentwininstalled.nbin...
Rockwell Arena Installed (Windows)
Binary data rockwellarenawininstalled.nbin...
Cleo Harmony Web Service Detection
Binary data cleoharmonydetect.nbin...
Cleo LexiCom Web Service Detection
Binary data cleolexicomdetect.nbin...
Cleo VLTrader Web Service Detection
Binary data cleovltraderdetect.nbin...
Exploit for Improper Privilege Management in Enlightenment
CVE-2022-37706 Exploit: Enlightenment v0.25.3 Privilege Escala...
SUSE CVE-2024-53589
GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD Binary File Descriptor library's handling of tekhex format files...
Devolutions Server Installed (Windows)
Binary data devolutionsserverwininstalled.nbin...
Google Pixel 安全漏洞
Google Pixel is a smartphone from Google, an American company. A security vulnerability exists in Google Pixel, which stems from a lack of bounds checking in getbinary in vendor/mediatek/proprietary/hardware/connectivity/gps/gpshal/src/datacoder.c, where out-of-bounds writes may exist...
PT-2024-10659 · Google · Android +1
Name of the Vulnerable Software and Affected Versions: No specific software or version is mentioned as affected, so the information is not sufficient to determine the exact vulnerable software and versions. Description: The issue is related to a possible out of bounds write in the get binary...
SUSE-SU-2024:4140-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47589: igbvf: fix double free in igbvfprobe bsc1226557. - CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1231893. - CVE-2022-48960: net:...
OESA-2024-2480 openssl security update
OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: Use of the low-level GF2^m elliptic curve APIs with untrusted explicit values for the field polynomial can lead to...