PT-2021-7417 · Zimbra +1 · Zimbra Collaboration +1

Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration ZCS versions 8.8.x through 9.x Description: An issue was discovered in Zimbra Collaboration, related to the Sudo configuration, which permits the zimbra user to execute the NGINX binary as root with arbitrary parameters...

CVE-2021-30359

The Harmony Browse and the SandBlast Agent for Browsers installers must have admin privileges to execute some steps during the installation. Because the MS Installer allows regular users to repair their installation, an attacker running an installer before 90.08.7405 can start the installation...

CVE-2021-30359

The Harmony Browse and the SandBlast Agent for Browsers installers must have admin privileges to execute some steps during the installation. Because the MS Installer allows regular users to repair their installation, an attacker running an installer before 90.08.7405 can start the installation...

CVE-2021-38461

The affected product uses a hard-coded blowfish key for encryption/decryption processes. The key can be easily extracted from binaries...

Hardcoded credentials

The affected product uses a hard-coded blowfish key for encryption/decryption processes. The key can be easily extracted from binaries...

OpenVPN Connect Installed (Windows)

Binary data openvpnconnectwininstalled.nbin...

Trend Micro ServerProtect Information Server Detection

Binary data trendmicroserverprotectinfoserverdetect.nbin...

Trend Micro ServerProtect Authentication Bypass Vulnerability (CVE-2021-36745)

Binary data trendmicroserverprotectcve-2021-36745.nbin...

Google Chrome < 95.0.4638.54 Multiple Vulnerabilities

Binary data 701375.pasl...

Trend Micro Apex One Uncontrolled Search Path Element Vulnerability

Trend Micro Apex One is a suite of endpoint security protection software from Trend Micro that provides automated threat detection and response capabilities. Trend Micro Apex One suffers from a code issue vulnerability that stems from the application allowing the inclusion of libraries from the...

nightmare

This is a course on binary exploitation and reverse engineering, specifically targeting Linux systems. The course is designed to be a comprehensive guide to learning binary exploitation and reverse engineering, with a focus on hands-on exercises and real-world examples. The course covers a range ...

Apple iOS < 15.0.2 Multiple Vulnerabilities (HT212846)

Binary data appleios1502check.nbin...

Trend Micro Apex One 代码问题漏洞

Trend Micro Apex One is a suite of endpoint security protection software from Trend Micro that provides automated threat detection and response capabilities. Trend Micro Apex One suffers from a code issue vulnerability that stems from the application allowing the inclusion of libraries from the...

Trend Micro Apex One 代码问题漏洞

Trend Micro Apex One is a suite of endpoint security protection software from Trend Micro that provides automated threat detection and response capabilities. Trend Micro Apex One suffers from a code issue vulnerability that stems from the application allowing the inclusion of libraries from the...

Apache Tomcat < 9.0.54 Vulnerability

Binary data 701373.pasl...

Apache Tomcat < 8.5.72 Vulnerability

Binary data 701371.pasl...

Apache Tomcat < 10.0.12 Vulnerability

Binary data 701372.pasl...

Apache Tomcat < 10.1.0-M6 Vulnerability

Binary data 701374.pasl...

Atlassian Jira Unauthenticated User Enumeration (CVE-2020-36289)

Binary data jiraCVE-2020-36289userenum.nbin...

Moodle Authenticated Spelling Binary Remote Code Execution Exploit

Moodle allows an authenticated user to define spellcheck settings via the web interface. The user can update the spellcheck mechanism to point to a system-installed aspell binary. By updating the path for the spellchecker to an arbitrary command, an attacker can run arbitrary commands in the...