CVE-2022-27965

Xlpd v7.0.0094 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...

CVE-2022-27963

Xftp 7.0.0088p and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...

CVE-2022-27964

Xmanager v7.0.0096 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...

CVE-2022-27966

Xshell v7.0.0099 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...

CVE-2022-27963

Xftp 7.0.0088p and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...

CVE-2022-27964

Xmanager v7.0.0096 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...

CVE-2022-27965

Xlpd v7.0.0094 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...

CVE-2022-27966

Xshell v7.0.0099 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...

CVE-2022-27964

Xmanager v7.0.0096 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...

Design/Logic Flaw

Xftp 7.0.0088p and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...

Design/Logic Flaw

Xlpd v7.0.0094 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...

Design/Logic Flaw

Xmanager v7.0.0096 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...

CVE-2022-27966

CVE-2022-27966 affects NetSarang Xshell 7.0.0099 and earlier. The vulnerability is described as a binary hijack that allows an attacker to execute arbitrary code by supplying a crafted .exe file. Documented impact is arbitrary code execution with local attack vector, and the CVSS basis values ind...

CVE-2022-27964

Xmanager v7.0.0096 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...

CVE-2022-27965

Xlpd v7.0.0094 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...

CVE-2022-27965

Summary: CVE-2022-27965 affects NetSarang Xlpd, ≤ v7.0.0094. The issue is described as a binary hijack that enables arbitrary code execution when processing a crafted .exe file. The connected records confirm the affected product/version and the basic impact (arbitrary code execution) but do not p...

CVE-2022-27963

Xftp 7.0.0088p and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...

CVE-2022-27963

CVE-2022-27963 affects NetSarang Xftp (v7.0.0088p and earlier). The vulnerability is a binary hijack allowing arbitrary code execution via a crafted .exe file. Public references in Red Hat and NVD corroborate the flaw in Xftp's handling of executable binaries, enabling local execution with high p...

New PlugX variant “Talisman” used by famous Chinese APT

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here PlugX is a well-known malware family with samples dating back to as early as 2008. A Chinese state-backed threat actor, RedFoxtrot group, is discovered to use a new variant of the PlugX malware, Talisman. The threat actor grou...

Spring Cloud Function SPEL Expression Injection (direct check)

Binary data springcloudCVE-2022-22963.nbin...