vmwgfx Driver File Descriptor Handling Privilege Escalation Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'vmwgfx Driver File Descriptor Handling Priv Esc', 'Description' = %q If the vmwgfx driver fails to copy the 'fencerep' object to userland, it tri...

Rapid7 Observes Use of Microsoft OneNote to Spread Redline Infostealer Malware

Author: Thomas Elkins Contributors: Matt Green, James Dunne, and Hernan Diaz Rapid7 routinely conducts research into the wide range of techniques that threat actors use to conduct malicious activity. One objective of this research is to discover new techniques being used in the wild, so we can...

pesign 路径遍历漏洞

pesign is a tool for signing PE-COFF binaries, hoping to be at least vaguely compliant with the PE and Authenticode specifications. A security vulnerability exists in pesign. An attacker could exploit this vulnerability to access privileged files and directories via a path traversal attack...

Oracle Business Intelligence Enterprise Edition (OBIEE) Installed

Binary data oraclebusinessintelligenceenterpriseeditioninstalled.nbin...

Sophos Unified Threat Management (UTM) Local Detection

Binary data sophosutmdetect.nbin...

CVE-2022-23334

The Robot application in Ip-label Newtest before v8.5R0 was discovered to use weak signature checks on executed binaries, allowing attackers to have write access and escalate privileges via replacing NEWTESTREMOTEMANAGER.EXE...

AZL-37145 CVE-2022-48303 affecting package tar for versions less than 1.34-3

GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in fromheader in list.c via a V7 archive in which mtime has approximately 11 whitespace...

CVE-2022-37704

Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure...

PT-2023-13547 · Amanda +2 · Amanda +2

Name of the Vulnerable Software and Affected Versions: Amanda version 3.5.1 Description: The issue allows privilege escalation from a regular user backup to root. A SUID binary located at /lib/amanda/rundump executes /usr/sbin/dump as root with controlled arguments from the attacker, which may le...

UBUNTU-CVE-2022-37704

Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure...

Yaralyzer - Visually Inspect And Force Decode YARA And Regex Matches Found In Both Binary And Text Data, With Colors

Visually inspect all of the regex matches and their sexier, more cloak and dagger cousins, the YARA matches found in binary data and/or text. See what happens when you force various character encodings upon those matched bytes. With colors. Quick Start pipx install yaralyzer Scan against YARA...

[SECURITY] Fedora 37 Update: rust-exa-0.10.1-9.fc37

exa is a modern replacement for the command-line program ls that ships with Unix and Linux operating systems, with more features and better defaults. It uses colours to distinguish file types and metadata. It knows about symlinks, extended attributes, and Git. And it=EF=BF=BD=EF=BF =BD=EF=BF=BDs...

Vim has a binary vulnerability (CNVD-2023-17836)

Vim is a cross-platform text editor. Vim suffers from a binary vulnerability that can be exploited by attackers to cause software crashes, memory modification, and remote execution...

CVE-2022-47632

Razer Synapse before 3.7.0830.081906 allows privilege escalation due to an unsafe installation path, improper privilege management, and improper certificate validation. Attackers can place malicious DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed a...

Dell PowerProtect Cyber Recovery Installed (Linux)

Binary data dellcyberrecoverynixinstalled.nbin...

Linanto Control Web Panel (CWP) Web Interface Detection

Binary data lintanocontrolwebpanelwebinterfacedetect.nbin...

Linanto Control Web Panel (CWP) Installed (Linux)

Binary data lintanocontrolwebpanelnixinstalled.nbin...

CVE-2022-42490

Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is...

CVE-2022-42491

Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is...

Command injection

Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is...