CVE-2023-40551
A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase...
Apple iOS < 15.8.1 Multiple Vulnerabilities (HT214062)
Binary data appleios1581check.nbin...
Safari < 17.3 Multiple Vulnerabilities
Binary data 701457.pasl...
CVE-2023-40549
An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service...
UBUNTU-CVE-2023-40549
An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service...
Fortra GoAnywhere Managed File Transfer (MFT) < 7.4.1 Authentication Bypass (CVE-2024-0204)
Binary data fortragoanywheremftCVE-2024-0204.nbin...
Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks
Cybersecurity researchers are warning of a "notable increase" in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ to deliver the Godzilla web shell on compromised hosts. "The web shells are concealed within an unknown binary format and are designed to evade security...
Linux has a binary vulnerability
Linux is an open source Unix-like operating system. Linux has a binary vulnerability that can be exploited by attackers to elevate privileges...
Rockwell FactoryTalk Activation Manager Installed (Windows)
Binary data rockwellfactorytalkactivationmanagerwininstalled.nbin...
DllNotificationInjection - A POC Of A New "Threadless" Process Injection Technique That Works By Utilizing The Concept Of DLL Notification Callbacks In Local And Remote Processes
DllNotificationInjection is a POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and remote processes. An accompanying blog post with more details is available here: https://shorsec.io/blog/dll-notification-injection/ Ho...
PT-2024-40687 · Fasterxml · Jackson Dataformat Cbor
Name of the Vulnerable Software and Affected Versions: Jackson dataformat CBOR affected versions not specified Description: The issue is related to a security exception in the Jackson dataformat CBOR library. The crash occurs in the java.base/java.util.Arrays.copyOf method, which is called by...
GHSA-HFJ8-63C8-RMFW Duplicate Advisory: Inefficient Algorithmic Complexity in com.upokecenter:cbor
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-36p8-mvp6-cv38. This link is maintained to preserve external references. Original Description Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise...
CVE-2024-23684 upokecenter CBOR Denial of Service
Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise Binary Object Representation CBOR versions 4.0.0 to 4.5.1 allows an attacker to cause a denial of service by passing a maliciously crafted input. Depending on an application's use...
CVE-2024-23684
CVE-2024-23684 affects the Java CBOR library from com.upokecenter (CBOR) versions 4.0.0–4.5.1. The issue is an inefficient algorithmic path in DecodeFromBytes that can be exploited by a malicious input to cause a denial of service. The NVD entry notes a remote attacker scenario depending on appli...
OESA-2024-1082 python-paramiko security update
This is a library for making SSH2 connections client or server. Emphasis is on using SSH2 as an alternative to SSL for making secure connections between python scripts. All major ciphers and hash methods are supported. SFTP client and server mode are both supported too. Security Fixes: The SSH...
Npm Trojan Bypasses UAC, Installs AnyDesk with "Oscompatible" Package
A malicious package uploaded to the npm registry has been found deploying a sophisticated remote access trojan on compromised Windows machines. The package, named "oscompatible," was published on January 9, 2024, attracting a total of 380 downloads before it was taken down. oscompatible included ...
JetBrains IntelliJ IDEA Installed (macOS)
Binary data intellijideamacosinstalled.nbin...
Qnap VioStor Detection
Binary data qnapviostordetect.nbin...
CBOR Security Breach
CBOR is a C implementation of Concise Binary Object Representation by the individual developer Peter Occil. A security vulnerability exists in Concise Binary Object Representation CBOR versions 4.0.0 through 4.5.1. An attacker could exploit this vulnerability to cause a denial of service by passi...