
31231 matches found

Tenable Nessus
added 2024/04/15 12:0 a.m., 21 views

Microsoft Azure Appliance Configuration Manager Installed (Windows)

Binary data microsoftazureapplianceconfigurationmanagerwininstalled.nbin...

7.3 AI score
Exploits: 0, References: 1

Tenable Nessus
added 2024/04/15 12:0 a.m., 9 views

Microsoft Azure Discovery Service Installed (Windows)

Binary data microsoftazurediscoveryservicewininstalled.nbin...

7.3 AI score
Exploits: 0, References: 1

Tenable Nessus
added 2024/04/15 12:0 a.m., 16 views

Microsoft Azure Web App Discovery And Assessment Service Installed (Windows)

Binary data microsoftazurewebappdiscoveryandassessmentservicewininstalled.nbin...

7.3 AI score
Exploits: 0, References: 1

Kitploit
added 2024/04/14 9:24 p.m., 51 views

Toolkit - The Essential Toolkit For Reversing, Malware Analysis, And Cracking

This tool compilation is carefully crafted with the purpose of being useful both for the beginners and veterans from the malware analysis world. It has also proven useful for people trying their luck at the cracking underworld. It's the ideal complement to be used with the manuals from the site,...

7.2 AI score
Exploits: 0, References: 6

OSV
added 2024/04/12 11:7 a.m., 3 views

OESA-2024-1408 cri-o security update

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface. Security Fixes: A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the...

7.5 CVSS, 6.8 AI score, 0.93305 EPSS
Exploits: 4, References: 3

Tenable Nessus
added 2024/04/12 12:0 a.m., 9 views

Open Information Security Foundation Suricata Installed (Linux)

Binary data oisfsuricatanixinstalled.nbin...

7.3 AI score
Exploits: 0, References: 1

RedhatCVE
added 2024/04/11 11:5 a.m., 43 views

CVE-2024-21509

A prototype pollution vulnerability was found in mysql2. Insecure results in object creation and improper user input sanitization can lead to prototype poisoning. Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Securit...

6.5 CVSS, 6.2 AI score, 0.00962 EPSS
Exploits: 1, References: 6

Veracode
added 2024/04/11 1:54 a.m., 20 views

Excessive Memory Allocation (Throttling)

xpdf is vulnerable to Excessive Memory Allocation (Throttling). The vulnerability is due to insufficient input validation, which allows crafted input to trigger excessive memory allocation. For example, sending a crafted PDF document to the pdftoppm binary can exploit this vulnerability, particularl...

5.5 CVSS, 7 AI score, 0.00795 EPSS
Exploits: 1, References: 3, Affected Software: 1

Tenable Nessus
added 2024/04/11 12:0 a.m., 12 views

Esri Portal For ArcGIS Installed (Windows)

Binary data esriportalforarcgiswininstalled.nbin...

7.3 AI score
Exploits: 0, References: 1

AlpineLinux
added 2024/04/10 11:15 p.m., 23 views

CVE-2024-29902

Cosign provides code signing and transparency for containers and binaries. Prior to version 2.2.4, a remote image with a malicious attachment can cause denial of service of the host machine running Cosign. This can impact other services on the machine that rely on having memory available such as ...

6.8 AI score, 0.00658 EPSS
Exploits: 0

OSV
added 2024/04/10 3:30 p.m., 0 views

GHSA-49J4-86M8-Q2JW mysql2 vulnerable to Prototype Poisoning

Versions of the package mysql2 before 3.9.4 are vulnerable to Prototype Poisoning due to insecure results object creation and improper user input sanitization passed through parserFn in text_parser.js and binary_parser.js...

6.9 CVSS, 5.9 AI score, 0.00962 EPSS
Exploits: 1, References: 8

CVE
added 2024/04/10 5:0 a.m., 290 views

CVE-2024-21509

The CVE-2024-21509 vulnerability affects the mysql2 package prior to version 3.9.4, as described across multiple sources. The root cause is Prototype Poisoning due to insecure results object creation and improper user input sanitization passed through parserFn in text_parser.js and binary_parser....

6.5 CVSS, 6.3 AI score, 0.00962 EPSS
Exploits: 1, References: 6, Affected Software: 1

BDU FSTEC
added 2024/04/10 12:0 a.m., 5 views

The vulnerability in the configuration modification utility of the Intel Binary Configuration Tool lies in its uncontrolled search path, which allows an attacker to escalate their privileges.

The vulnerability in the configuration modification utility of the Intel Binary Configuration Tool is related to an uncontrolled search path element. Exploiting this vulnerability could allow an attacker to escalate their privileges...

6.7 CVSS, 6.6 AI score, 0.00191 EPSS
Exploits: 0, References: 2, Affected Software: 1

OSV
added 2024/04/09 3:15 p.m., 4 views

CVE-2023-49907

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...

8.8 CVSS, 7.9 AI score, 0.01822 EPSS
Exploits: 1, References: 2

Cvelist
added 2024/04/09 2:12 p.m., 27 views

CVE-2023-49912

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...

7.2 CVSS, 7.6 AI score, 0.01822 EPSS
Exploits: 1, References: 1

Vulnrichment
added 2024/04/09 2:12 p.m., 15 views

CVE-2023-49906

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...

7.2 CVSS, 7.9 AI score, 0.01919 EPSS
Exploits: 1, References: 1

Vulnrichment
added 2024/04/09 2:12 p.m., 24 views

CVE-2023-49911

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...

7.2 CVSS, 7.9 AI score, 0.01822 EPSS
Exploits: 1, References: 1

Vulnrichment
added 2024/04/09 2:12 p.m., 27 views

CVE-2023-49913

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...

7.2 CVSS, 7.9 AI score, 0.01919 EPSS
Exploits: 1, References: 1

CVE
added 2024/04/09 2:12 p.m., 60 views

CVE-2023-49907

Talos-1888 details a stack-based buffer overflow in TP-Link AC1350 (EAP225 V3) firmware v5.1.0 Build 20220926, caused by the handling of newline-delimited POST parameters (ssid, band, profile, action) in /data/scheduler.association.json. Specifically, the vulnerability arises from unsafe copying ...

8.8 CVSS, 7.8 AI score, 0.01822 EPSS
Exploits: 1, References: 2, Affected Software: 1

CVE
added 2024/04/09 2:12 p.m., 60 views

CVE-2023-49912

CVE-2023-49912 describes a stack-based buffer overflow in the TP-Link AC1350 series (EAP225 V3) and EAP115 web interfaces, exposed through the Radio Scheduling feature. The vulnerability exists in the POST endpoint /data/scheduler.association.json, where an authenticated HTTP request with a craft...

8.8 CVSS, 7.8 AI score, 0.01822 EPSS
Exploits: 1, References: 2, Affected Software: 1