CVE-2021-28840

Null Pointer Dereference vulnerability exists in D-Link DAP-2310 2.07.RC031, DAP-2330 1.07.RC028, DAP-2360 2.07.RC043, DAP-2553 3.06.RC027, DAP-2660 1.13.RC074, DAP-2690 3.16.RC100, DAP-2695 1.17.RC063, DAP-3320 1.01.RC014 and DAP-3662 1.01.RC022 in the uploadconfig function of sbin/httpd binary...

CVE-2021-28956

The unofficial vscode-sass-lint aka Sass Lint extension through 1.0.7 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted workspace. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2021-40008

There is a memory leak vulnerability in CloudEngine 12800 V200R019C00SPC800, CloudEngine 5800 V200R019C00SPC800, CloudEngine 6800 V200R019C00SPC800 and CloudEngine 7800 V200R019C00SPC800. The software does not sufficiently track and release allocated memory while parse a series of crafted binary...

CVE-2021-43978

Allegro WIndows 3.3.4152.0, embeds software administrator database credentials into its binary files, which allows users to access and modify data using the same credentials...

CVE-2021-35508

NMSAccess32.exe in TeraRecon AQNetClient 4.4.13 allows attackers to execute a malicious binary with SYSTEM privileges via a low-privileged user account. To exploit this, a low-privileged user must change the service configuration or overwrite the binary service...

CVE-2021-35505

Afian FileRun 2021.03.26 allows Remote Code Execution by administrators via the Check Path value for the magick binary...

CVE-2021-30879

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process...

CVE-2021-30359

The Harmony Browse and the SandBlast Agent for Browsers installers must have admin privileges to execute some steps during the installation. Because the MS Installer allows regular users to repair their installation, an attacker running an installer before 90.08.7405 can start the installation...

CVE-2021-38088

Acronis Cyber Protect 15 for Windows prior to build 27009 allowed local privilege escalation via binary hijacking...

CVE-2024-13946

DLL's are not digitally signed when loaded in ASPECT's configuration toolset exposing the application to binary planting during device commissioning.This issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

CVE-2021-21415

Prisma VS Code a VSCode extension for Prisma schema files. This is a Remote Code Execution Vulnerability that affects all versions of the Prisma VS Code extension older than 2.20.0. If a custom binary path for the Prisma format binary is set in VS Code Settings, for example by downloading a proje...

CVE-2021-21292

Traccar is an open source GPS tracking system. In Traccar before version 4.12 there is an unquoted Windows binary path vulnerability. Only Windows versions are impacted. Attacker needs write access to the filesystem on the host machine. If Java path includes a space, then attacker can lift their...

CVE-2021-43711

The downloadFlile.cgi binary file in TOTOLINK EX200 V4.0.3c.7646B20201211 has a command injection vulnerability when receiving GET parameters. The parameter name can be constructed for unauthenticated command execution...

CVE-2021-40576

The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the gfisomgetpaytcount function in hinttrack.c, which allows attackers to cause a denial of service...

CVE-2021-37402

OX App Suite before 7.10.3-rev32 and 7.10.4 before 7.10.4-rev18 allows XSS via binary data that is mishandled when the legacy dataretrieval endpoint has been enabled...

CVE-2021-35504

Afian FileRun 2021.03.26 allows Remote Code Execution by administrators via the Check Path value for the ffmpeg binary...

CVE-2021-28953

The unofficial C/C++ Advanced Lint extension before 1.9.0 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted repository...

CVE-2024-13946

CVE-2024-13946 involves DLLs not being digitally signed when loaded by ASPECT’s configuration toolset, creating a binary-planting risk during device commissioning for ABB ASPECT-Enterprise (up to 3.), NEXUS Series (up to 3. ), and MATRIX Series (up to 3.*). Connected sources describe DLL hijackin...

CVE-2024-13946 Binary Planting / LoadLibrary DLL's not Signed

DLL's are not digitally signed when loaded in ASPECT's configuration toolset exposing the application to binary planting during device commissioning.This issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

CVE-2024-13946 Binary Planting / LoadLibrary DLL's not Signed

DLL's are not digitally signed when loaded in ASPECT's configuration toolset exposing the application to binary planting during device commissioning.This issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...