CVE-2025-10885

A maliciously crafted file, when executed on the victim's machine, can lead to privilege escalation to NT AUTHORITY/SYSTEM due to an insufficient validation of loaded binaries. An attacker with local and low-privilege access could exploit this to execute code as SYSTEM...

CVE-2025-10885

CVE-2025-10885 – Autodesk Installer Privilege Escalation: A local, low-privilege attacker can craft a malicious file that is loaded during installation, taking advantage of insufficient validation of loaded binaries to execute code as NT AUTHORITY\SYSTEM. The linked Nessus/NASL entry confirms the...

CVE-2025-10885 Privilege Escalation Vulnerability

A maliciously crafted file, when executed on the victim's machine, can lead to privilege escalation to NT AUTHORITY/SYSTEM due to an insufficient validation of loaded binaries. An attacker with local and low-privilege access could exploit this to execute code as SYSTEM...

Autodesk Installer 安全漏洞

Autodesk Installer is an installer for software from the US company Autodesk. A security vulnerability exists in Autodesk Installer that stems from insufficient validation when loading binaries, which could result in elevation of privileges to NT AUTHORITY/SYSTEM...

Samba Installed (Linux)

Binary data sambalinuxinstalled.nbin...

GHSA-J2PC-V64R-MV4F Protobuf Maven Plugin protocDigest is ignored when using protoc from PATH

Summary The expected protocDigest is ignored when protoc is taken from the PATH. Details The documentation for the protocDigest parameter says: ... Users may wish to specify this if using a PATH-based binary ... However, when specifying PATH the protocDigest is not actually checked because the co...

Rapid7 Velociraptor Installed (Windows)

Binary data rapid7velociraptorwininstalled.nbin...

Siemens TeleControl Server Basic Information Disclosure (CVE-2025-40765)

Binary data siemenstelecontrolserverbasiccve-2025-40765.nbin...

A Large Scale Study of AI-Based Binary Function Similarity Detection Techniques for Security Researchers and Practitioners

Binary Function Similarity Detection BFSD is a foundational technique in software security, underpinning a wide range of applications including vulnerability detection, malware analysis. Recent advances in AI-based BFSD tools have led to significant performance improvements. However, existing...

Towards Ultra-Low Latency: Binarized Neural Network Architectures for In-Vehicle Network Intrusion Detection

The Control Area Network CAN protocol is essential for in-vehicle communication, facilitating high-speed data exchange among Electronic Control Units ECUs. However, its inherent design lacks robust security features, rendering vehicles susceptible to cyberattacks. While recent research has...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: Platform/x86/intel/pmt: Fixed an issue with NULL pointer access in crashlog. The use of intelpmtread for binary sysfs requires a pcidev. The current use of the endpoint value is only valid for telemetry endpoint usage. Without...

SQL Injection

Overview fosslight-binary is a FOSSLight Binary Scanner Affected versions of this package are vulnerable to SQL Injection due to unsanitized string formatting of filename-, hecksum-, and TLSH-derived values into SQL queries. An attacker can view, modify, or delete data in the underlying database,...

GO-2025-4043 NeuVector is shipping cryptographic material into its binary in github.com/neuvector/neuvector

NeuVector is shipping cryptographic material into its binary in github.com/neuvector/neuvector. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerabilit...

Dynamic binary instrumentation (DBI) with DynamoRio

This blog introduces dynamic binary instrumentation DBI and guides you through building your own DBI tool with the open-source DynamoRIO framework on Windows 11. DBI enables powerful runtime analysis and modification of binaries critical for malware analysis, security auditing, reverse engineerin...

EUVD-2025-35219

NeuVector used a hard-coded cryptographic key embedded in the source code. At compilation time, the key value was replaced with the secret key value and used to encrypt sensitive configurations when NeuVector stores the data...

CVE-2025-54471

The CVE-2025-54471 entry concerns NeuVector where a hard-coded cryptographic key was embedded in the source and replaced at compile time, then used to encrypt sensitive configurations stored by NeuVector. Affected data and configurations could be exposed due to the improper key handling. The prov...

ArcGIS Server HTTP Detection

Binary data arcgisserverhttpdetect.nbin...

CVE-2025-12424

Privilege Escalation through SUID-bit Binary.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...

Siemens Teamcenter Visualization Installed (Windows)

Binary data siemensteamcentervisualizationinstalled.nbin...

ProjectSend Web Detection

Binary data projectsendwebdetect.nbin...