Lucene search
31243 matches found

Veracode
added 2023/01/17 6:58 p.m. | 24 views

Out-of-Bounds Write

w3m is vulnerable to out-of-bounds writes. checkType located in etc.c could be triggered by sending a crafted HTML file to the w3m binary, which allows an attacker to cause Denial of Service or possibly have unspecified other impact...

CVSS 7.8 | AI score 7.6 | EPSS 0.00441
Exploits 1 | References 10 | Affected Software 3

OSV
added 2023/01/17 6:15 p.m. | 3 views

ALPINE-CVE-2022-41861

A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash...

CVSS 6.5 | AI score 6.6 | EPSS 0.01103
Exploits 0 | References 1

Prion
added 2023/01/17 6:15 p.m. | 18 views

Design/Logic Flaw

A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash...

CVSS 4 | AI score 6.6 | EPSS 0.01103
Exploits 0 | References 2 | Affected Software 1

The Hacker News
added 2023/01/17 6:36 a.m. | 6 views

Researchers Uncover 3 PyPI Packages Spreading Malware to Developer Systems

A threat actor by the name Lolip0p has uploaded three rogue packages to the Python Package Index (PyPI) repository that are designed to drop malware on compromised developer systems. The packages – named colorslib (versions 4.6.11 and 4.6.12), httpslib (versions 4.6.9 and 4.6.11), and libhttps (version...

AI score 6.5
Exploits 0

Tenable Nessus
added 2023/01/17 12:0 a.m. | 19 views

TIBCO JasperReports Library JAR Detection

Binary data tibcojasperreportslibraryjardetect.nbin...

AI score 7.3
Exploits 0 | References 1

Kitploit
added 2023/01/14 11:30 a.m. | 77 views

Fuzzable - Framework For Automating Fuzzable Target Discovery With Static Analysis

Framework for Automating Fuzzable Target Discovery with Static Analysis. Introduction Vulnerability researchers conducting security assessments on software will often harness the capabilities of coverage-guided fuzzing through powerful tools like AFL++ and libFuzzer. This is important as it...

AI score 7.4
Exploits 0 | References 12

Rapid7 Blog
added 2023/01/13 5:50 p.m. | 20 views

Metasploit Weekly Wrap-Up

New module content 2 Gather Dbeaver Passwords Author: Kali-Team Type: Post Pull request: 17337 contributed by cn-kali-team Description: This adds a post exploit module that retrieves Dbeaver session data from local configuration files. It is able to extract and decrypt credentials stored in these...

AI score 0.3
Exploits 0

Tenable Nessus
added 2023/01/13 12:0 a.m. | 82 views

Schneider Electric APC Easy UPS Online Monitoring Software Detection

Binary data schneiderelectricupsmonitoringsoftwaredetect.nbin...

AI score 7.3
Exploits 0 | References 1

Tenable Nessus
added 2023/01/13 12:0 a.m. | 16 views

Auth0 jsonwebtoken Library Installed (Linux/UNIX)

Binary data auth0jsonwebtokennixinstalled.nbin...

AI score 7.3
Exploits 0 | References 2

CNNVD
added 2023/01/13 12:0 a.m. | 2 views

vim security vulnerability

Vim is a cross-platform text editor that is vulnerable to a binary vulnerability that could be exploited by attackers to execute arbitrary code...

CVSS 7.8 | AI score 7.8 | EPSS 0.00467
Exploits 1 | References 10

CNVD
added 2023/01/13 12:0 a.m. | 35 views

Binary vulnerability exists in Vim (CNVD-2023-18122)

Vim is a cross-platform text editor that is vulnerable to a binary vulnerability that could be exploited by attackers to execute arbitrary code...

AI score 7.9 | EPSS 0.00467
Exploits 1 | Affected Software 1

Tenable Nessus
added 2023/01/13 12:0 a.m. | 43 views

Schneider Electric APC Easy UPS Online Monitoring Software Missing Authentication (CVE-2022-42970)

Binary data schneiderelectricupsmonitoringsoftwarecve-2022-42970.nbin...

CVSS 9.8 | AI score 9.6 | EPSS 0.00712
Exploits 0 | References 2

OpenVAS
added 2023/01/12 12:0 a.m. | 12 views

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-1151)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 8 | EPSS 0.03213
Exploits 0 | References 2

NVD
added 2023/01/11 8:15 a.m. | 21 views

CVE-2021-46791

Insufficient input validation during parsing of the System Management Mode (SMM) binary may allow a maliciously crafted SMM executable binary to corrupt Dynamic Root of Trust for Measurement (DRTM) user application memory that may result in a potential denial of service...

CVSS 5.5 | AI score 5.5 | EPSS 0.00181
Exploits 0 | References 1

Prion
added 2023/01/11 8:15 a.m. | 15 views

Input validation

Insufficient input validation during parsing of the System Management Mode (SMM) binary may allow a maliciously crafted SMM executable binary to corrupt Dynamic Root of Trust for Measurement (DRTM) user application memory that may result in a potential denial of service...

CVSS 1.7 | AI score 6.1 | EPSS 0.00181
Exploits 0 | References 1 | Affected Software 1

Tenable Nessus
added 2023/01/11 12:0 a.m. | 301 views

HTMLawed < 1.2.9 Command Injection (CVE-2022-35914)

Binary data htmlawedcmdinjection.nbin...

CVSS 9.8 | AI score 9.6 | EPSS 0.99521
Exploits 13 | References 2

CNVD
added 2023/01/11 12:0 a.m. | 7 views

Linksys WRT54GL Denial of Service Vulnerability

The Linksys WRT54GL is a wireless router from Linksys USA. A denial of service vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router version 4.30.18.006 and prior versions, which stems from the presence of a null pointer dereference in the soapaction function in the upnp binary. An...

CVSS 7.5 | AI score 6.7 | EPSS 0.01313
Exploits 1 | References 1

CNNVD
added 2023/01/11 12:0 a.m. | 5 views

AMD System Management Mode buffer error vulnerability

AMD System Management Mode is a system management mode from Ultraviolet Semiconductor AMD. A CPU execution mode. AMD System Management Mode suffers from a buffer error vulnerability that stems from insufficient validation of input when parsing binaries in its System Management Mode SMM could caus...

CVSS 5.5 | AI score 6.2 | EPSS 0.00181
Exploits 0 | References 2

Tenable Nessus
added 2023/01/11 12:0 a.m. | 44 views

Zyxel Command Injection (CVE-2022-30525) (Direct Check)

Binary data zyxelCVE-2022-30525.nbin...

CVSS 10 | AI score 9.8 | EPSS 0.99938
Exploits 25 | References 3

Tenable Nessus
added 2023/01/11 12:0 a.m. | 41 views

GLSA-202301-09 : protobuf-java: Denial of Service

The remote host is affected by the vulnerability described in GLSA-202301-09 protobuf-java: Denial of Service - A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple...

CVSS 7.5 | AI score 6.4 | EPSS 0.01048
Exploits 0 | References 5