BIT-ENVOY-2021-39204 Excessive CPU usage in Pomerium

Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, incorrectly handles resetting of HTTP/2 streams with excessive complexity. This can lead to high CPU utilization when a large number of streams are reset. This can result in a DoS condition. Pomerium versio...

Amazon CloudWatch Agent Installed (Unix)

Binary data amazoncloudwatchagentnixinstalled.nbin...

Moderate: Red Hat Bug Fix Advisory: libssh bug fix update

An update for libssh is now available for Red Hat Enterprise Linux 9. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Bug Fixes: libssh: ssh: Prefix truncation attack on Binary Packet Protocol BPP JIRA:RHEL-20939...

CVE-2024-25731

The Elink Smart eSmartCam com.cn.dq.ipc application 2.1.5 for Android contains hardcoded AES encryption keys that can be extracted from a binary file. Thus, encryption can be defeated by an attacker who can observe packet data e.g., over Wi-Fi...

AiLux imx6 Security Vulnerability

AiLux imx6 is a computing module from AiLux. A security vulnerability exists in the AiLux imx6 imx61.0.7-2 version that originates from the execution of a binary file with unnecessary privileges...

Elink Smart eSmartCam Security Vulnerability

Elink Smart eSmartCam is a smart camera from Elink Smart. A security vulnerability exists in Elink Smart eSmartCam version 2.1.5, which stems from a vulnerability that allows an attacker to extract hard-coded AES encryption keys from a binary file...

Apple iOS < 16.7.6 Multiple Vulnerabilities (120880)

Binary data appleios1676check.nbin...

JetBrains TeamCity Authentication Bypass (CVE-2024-27198)

Binary data teamcitycve-2024-27198.nbin...

Apple iOS < 17.4 Multiple Vulnerabilities (120893)

Binary data appleios174check.nbin...

PT-2024-13255 · Unknown · Ailux Imx6 Bundle

Name of the Vulnerable Software and Affected Versions: AiLux imx6 bundle versions prior to imx6 1.0.7-2 Description: A heap-based buffer overflow vulnerability in the logger generic function of the Ax rtu binary allows a remote authenticated attacker to trigger a memory corruption. This may resul...

Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: ssh: Prefix truncation attack on Binary Packet Protocol BPP CVE-2023-48795 openssh: potential...

Moderate: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

Tenable Agent Identification

Binary data agentidentify.nbin...

DEBIAN-CVE-2023-52477

In the Linux kernel, the following vulnerability has been resolved: usb: hub: Guard against accesses to uninitialized BOS descriptors Many functions in drivers/usb/core/hub.c and drivers/usb/core/hub.h access fields inside udev-bos without checking if it was allocated and initialized. If...

Enumerate PHP Composer Packages (Linux / Unix)

Binary data phpcomposerenumnix.nbin...

Parse Nginx Config (Linux)

Binary data nginxnixparseconfig.nbin...

Ruby Programming Language Installed (macOS)

Binary data rubymacosinstalled.nbin...

Enumerate PHP Composer Packages (Windows)

Binary data phpcomposerenumwin.nbin...

The vulnerability of the File Transfer Protocol (FTP) implementation in the microprogrammed networking devices of ZyXEL USG FLEX, USG FLEX 50(W)/USG20(W)-VPN, USG FLEX H, and ATP allows a perpetrator to execute arbitrary commands.

The vulnerability of the File Transfer Protocol FTP implementation in microprogrammed network devices such as ZyXEL USG FLEX, USG FLEX 50W/USG20W-VPN, USG FLEX H, and ATP lies in the lack of measures to neutralize special elements used in operating system commands during the loading of binary...

Roundcube Webmail Service Detection

Binary data roundcubewebmaildetect.nbin...