Information disclosure

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process...

Information disclosure

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process...

CVE-2021-30880

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process...

CVE-2021-30879

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process...

CVE-2021-30877

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process...

CVE-2021-30877

CVE-2021-30877 is an Apple macOS AppleScript-related vulnerability involving an out-of-bounds read in an AppleScript binary. The issue was fixed by improved bounds checking and applies to macOS Monterey 12.0.1, Security Update 2021-007 Catalina, and macOS Big Sur 11.6.1. Exploitation could lead t...

CVE-2021-30876

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process...

CVE-2021-33191

From Apache NiFi MiNiFi C++ version 0.5.0 the c2 protocol implements an "agent-update" command which was designed to patch the application binary. This "patching" command defaults to calling a trusted binary, but might be modified to an arbitrary value through a "c2-update" command. Said command ...

CVE-2021-33191 MiNiFi CPP arbitrary script execution is possible on the agent's host machine through the c2 protocol

From Apache NiFi MiNiFi C++ version 0.5.0 the c2 protocol implements an "agent-update" command which was designed to patch the application binary. This "patching" command defaults to calling a trusted binary, but might be modified to an arbitrary value through a "c2-update" command. Said command ...

CVE-2021-33191

CVE-2021-33191 affects Apache NiFi MiNiFi C++ 0.5.0. The c2 protocol implements an agent-update command designed to patch the application binary, but an attacker could modify the c2-update path to execute an arbitrary command via the same privileges as the MiNiFi binary. This leads to potential a...

Apple macOS Big Sur 缓冲区错误漏洞

Apple macOS Big Sur is a mobile application app from Apple USA. A buffer error vulnerability exists in multiple Apple products that stems from an out-of-bounds read issue. An attacker could cause an unexpected application termination or process memory leak via a maliciously crafted AppleScript...

Apple macOS Big Sur缓冲区错误漏洞

Apple macOS Big Sur is a mobile application app from Apple USA. A buffer error vulnerability exists in multiple Apple products that stems from an out-of-bounds read issue. An attacker could cause an unexpected application termination or process memory leak via a maliciously crafted AppleScript...

Adobe Captivate Installed (Mac OS X)

Binary data macosxadobecaptivateinstalled.nbin...

ProLink PRC2402M Information Disclosure Vulnerability (CVE-2021-36708)

ProLink PRC2402M is a router from ProLink Singapore. An information disclosure vulnerability exists in the setsysinit function in the login.cgi binary file of ProLink PRC2402M 1.0.18 and prior versions. An attacker can exploit this vulnerability to reset the password in the administrator interfac...

Microsoft Remote Desktop Client Installed

Binary data remotedesktopinstalled.nbin...

Google Chrome < 92.0.4515.159 Multiple Vulnerabilities

Binary data 701360.pasl...

CVE-2021-35393

Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. The binary is usually named wscd or miniupnpd and is the successor to miniigd. The server is vulnerable to a stack buffer overflow vulnerability that is present due ...

CVE-2021-35394

Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. The binary is affected by multiple memory corruption vulnerabilities and an arbitrary command injection vulnerability that can be exploited by remote...

Realtek Jungle SDK 缓冲区错误漏洞

The Realtek Jungle SDK provides an HTTP web server that exposes a management interface that can be used to configure access points. A security vulnerability exists in the Realtek Jungle SDK, which stems from the fact that Realtek Jungle SDK versions v2.x through v3.4.14B provide a "WiFi Simple...

Null Pointer Dereference Vulnerability in Multiple D-Link Products (CNVD-2021-94840)

The D-Link DAP-2310 is a single-band wireless network access point for small businesses or schools that need a fast and reliable wireless network.The D-Link DAP-2330 is a wireless N300 single-band PoE access point. A null pointer dereference vulnerability exists in multiple D-Link products, which...