31254 matches found
IBM WebSphere Application Server Installed (Linux)
Binary data ibmwebsphereapplicationservernixinstalled.nbin...
UAFuzz - Binary-level Directed Fuzzing For Use-After-Free Vulnerabilities
Directed Greybox Fuzzing (DGF) like AFLGo aims to perform stress testing on pre-selected potentially vulnerable target locations, with applications to different security contexts: (1) bug reproduction, (2) patch testing or (3) static analysis report verification. There are recently more research work tha...
golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
A flaw was found in the Go encoding/binary package. Certain invalid inputs to ReadUvarint or ReadVarint cause those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The...
Understanding Binary and Data Representation with CyberChef
A significant part of reverse engineering and attacking devices relies on viewing and recognising data in various forms and working out how to decode it. We typically use Linux tools and scripts to do this, but you can make the first few steps using a really neat online tool called CyberChef. Wha...
OpenOffice Installed (macOS)
Binary data macosopenofficeinstalled.nbin...
Cisco Security Manager < 4.23 Path Traversal Vulnerability (direct check)
Binary data ciscosecuritymanagercve202027130.nbin...
pwntools
This is an offensive tool for binary exploitation. It is a Python library called pwntools, which provides a set of tools for binary exploitation and reverse engineering. The library is designed to be used by security researchers and penetration testers to identify and exploit vulnerabilities in...
openGauss: Restricting the Permission for the ${GAUSSHOME}/bin Directory
The $GAUSSHOME/bin directory stores database binary files. To prevent them from being tampered with or damaged and to protect customer information from security threats, this directory must be protected and unauthorized user access must be denied. Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions mig...
Binary Vulnerability in TGA Image Processing by Kinco Designer Configuration Software of Shanghai BBK
Shanghai BUCO Automation Co., Ltd. has been focusing on the research, development, production, sales and related technical services of core components for industrial automation equipment control and industrial IoT/Internet software and hardware, and providing customers with equipment automation...
GaussDB Kernel: Restricting the Permission for the ${GAUSSHOME}/bin Directory
The $GAUSSHOME/bin directory stores database binary files. To prevent them from being tampered with or damaged and to protect customer information from security threats, this directory must be protected and unauthorized user access must be denied. Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions...
Doctrack - Tool To Manipulate And Insert Tracking Pixels Into Office Open XML Documents (Word, Excel)
Tool to manipulate and insert tracking pixels into Office Open XML documents. Features: insert tracking pixels into Office Open XML documents (Word and Excel); inject template URL for remote template injection attack; inspect external target URLs and metadata; create Office Open XML documents. TODO...
Authorization
JamoDat TSMManager Collector version up to 6.5.0.21 is vulnerable to an Authorization Bypass because the Collector component is not properly validating an authenticated session with the Viewer. If the Viewer has been modified (binary patched) and the Bypass Login functionality is being used, an...
CVE-2020-28054
CVE-2020-28054 affects JamoDat TSMManager Collector (versions up to 6.5.0.21). The root cause is improper validation of an authenticated session between the Viewer and the Collector, enabling an Authorization Bypass where a modified Viewer (binary patched) can perform Collector actions as if logg...
CVE-2020-28054
JamoDat TSMManager Collector version up to 6.5.0.21 is vulnerable to an Authorization Bypass because the Collector component is not properly validating an authenticated session with the Viewer. If the Viewer has been modified (binary patched) and the Bypass Login functionality is being used, an...
Purgalicious VBA: Macro Obfuscation With VBA Purging
Malicious Office documents remain a favorite technique for every type of threat actor, from red teamers to FIN groups to APTs. In this blog post, we will discuss "VBA Purging", a technique we have increasingly observed in the wild and that was first publicly documented by Didier Stevens in Februa...
Binary Vulnerability in KINCO DTools
Shanghai BUCO Automation Co., Ltd. has been focusing on the research, development, production, sales and related technical services of core components for industrial automation equipment control and industrial IoT/Internet software and hardware, as well as providing customers with equipment...
Binary vulnerability in KINCO DTools (CNVD-2020-68574)
Shanghai BUCO Automation Co., Ltd. has been focusing on the research, development, production, sales and related technical services of core components for industrial automation equipment control and industrial IoT/Internet software and hardware, as well as providing customers with solutions for...
IBM Spectrum Protect Operations Center Detection
Binary data ibmspectrumprotectocdetect.nbin...
Binary Vulnerability in Shanghai BUCO KINCO Touch Screen Configuration Editor Software (CNVD-2020-69458)
Shanghai BUCO Automation Co., Ltd. has been focusing on the research, development, production, sales and related technical services of core components for industrial automation equipment control and industrial IoT/Internet software and hardware, and providing customers with equipment automation...
Binary Vulnerability in Shanghai BUCO KINCO Touch Screen Configuration Editor Software
Shanghai BUCO Automation Co., Ltd. has been focusing on the research, development, production, sales and related technical services of core components for industrial automation equipment control and industrial IoT/Internet software and hardware, and providing customers with equipment automation...