CVE-2023-33964 mx-chain-go does not treat invalid transaction with wrong username correctly

mx-chain-go is an implementation of the MultiversX blockchain protocol written in the Go language. Metachain cannot process a cross-shard miniblock. Prior to version 1.4.16, an invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor...

CVE-2023-33964 mx-chain-go does not treat invalid transaction with wrong username correctly

mx-chain-go is an implementation of the MultiversX blockchain protocol written in the Go language. Metachain cannot process a cross-shard miniblock. Prior to version 1.4.16, an invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor...

Critical Firmware Vulnerability in Gigabyte Systems Exposes ~7 Million Devices

Cybersecurity researchers have found "backdoor-like behavior" within Gigabyte systems, which they say enables the UEFI firmware of the devices to drop a Windows executable and retrieve updates in an unsecure format. Firmware security firm Eclypsium said it first detected the anomaly in April 2023...

Okta Advanced Server Access Client Installed (macOS)

Binary data oktaadvancedserveraccessclientmacinstalled.nbin...

Okta Advanced Server Access Client Installed (Windows)

Binary data oktaadvancedserveraccessclientwininstalled.nbin...

CVE-2023-28700

OMICARD EDM backend system’s file uploading function does not restrict upload of file with dangerous type. A local area network attacker with administrator privileges can exploit this vulnerability to upload and run arbitrary executable files to perform arbitrary system commands or disrupt servic...

Predator Android Spyware: Researchers Uncover New Data Theft Capabilities

Security researchers have detailed the inner workings of the commercial Android spyware called Predator, which is marketed by the Israeli company Intellexa previously Cytrox. Predator was first documented by Google's Threat Analysis Group TAG in May 2022 as part of attacks leveraging five differe...

CrowdStrike Falcon Sensor Installed (MacOSX)

Binary data crowdstrikefalconsensormacosinstalled.nbin...

Spring Cloud Gateway Code Injection (CVE-2022-22947)

Binary data springcloudgatewaycve-2022-22947direct.nbin...

PaperCut MF SecurityRequestFilter Authentication Bypass (CVE-2023-27351)

Binary data papercutmfcve-2023-27351.nbin...

Fetch Payloads: A Shorter Path from Command Injection to Metasploit Session

Over the last year, two-thirds of the exploit modules added to Metasploit Framework have targeted command injection vulnerabilities CWE-94: Improper Control of Generation of Code. In the process of helping new and existing open-source contributors learn how to use Metasploit’s command stager...

Schneider Electric APC Easy UPS Online Monitoring Software Unauthenticated RMI Calls (CVE-2023-28411)

Binary data schneiderelectricupsmonitoringsoftwareunauthrmi.nbin...

FatPipe MPVPN Web Detection

Binary data fatpipempvpnwebdetect.nbin...

Malware in pre-build binaries of bignum

Impact bignum releases from v0.12.2 to v0.13.0 inclusive used node-pre-gyp to optionally download pre-built binary versions of the addon. These binaries were published on a now-expired S3 bucket which has since been claimed by a malicious third party which is now serving binaries containing malwa...

Apache Tomcat < 9.0.18 Vulnerability

Binary data 701436.pasl...

Tenable Identity Exposure Installed (Windows)

Binary data tenableadwininstalled.nbin...

CVE-2023-23305

The GarminOS TVM component in CIQ API version 1.0.0 through 4.1.7 is vulnerable to various buffer overflows when loading binary resources. A malicious application embedding specially crafted resources could hijack the execution of the device's firmware...

CVE-2023-31670

An issue in wasm2c 1.0.32, wasm2wat 1.0.32, wasm-decompile 1.0.32, and wasm-validate 1.0.32 allows attackers to cause a Denial of Service DoS via running a crafted binary...

CVE-2023-31670

An issue in wasm2c 1.0.32, wasm2wat 1.0.32, wasm-decompile 1.0.32, and wasm-validate 1.0.32 allows attackers to cause a Denial of Service DoS via running a crafted binary...

DEBIAN-CVE-2023-31670

An issue in wasm2c 1.0.32, wasm2wat 1.0.32, wasm-decompile 1.0.32, and wasm-validate 1.0.32 allows attackers to cause a Denial of Service DoS via running a crafted binary...