31254 matches found
The vulnerability of TP-Link Omada er605 microcontroller-based software is caused by a full-integer overflow, allowing an attacker to execute arbitrary code.
The vulnerability of TP-Link Omada er605 microprogramming software is caused by a numerical overflow. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code within the context of a binary file named cloud-brd...
CVE-2023-51453
A Improper Input Validation issue affecting the v2sdkservice running on a set of DJI drone devices on the port 10000 could allow an attacker to cause a crash of the service through a crafted payload triggering a missing input size check in the processpushfile function implemented in the libv2sdk....
WatchGuard XTM Firebox Unauthenticated Remote Command Execution Exploit
This Metasploit module exploits a buffer overflow at the administration interface 8080 or 4117 of WatchGuard Firebox and XTM appliances which is built from a cherrypy python backend sending XML-RPC requests to a C binary called wgagent using pre-authentication endpoint /agent/login. This...
Potential exposure to XZ Utils SSH Backdoor (CVE-2024-3094)
Binary data xzutilsbackdoorcve-2024-3094.nbin...
CVE-2024-3094
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in...
Siemens Polarion ALM Detection
Binary data siemenspolarionalmdetect.nbin...
Linear eMerge Code RCE (CVE-2019-7256)
Binary data linearemergecve-2019-7256.nbin...
Fedora: Security Advisory (FEDORA-2024-de10068888)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
WatchGuard XTM Firebox Unauthenticated Remote Command Execution
This module exploits a buffer overflow at the administration interface 8080 or 4117 of WatchGuard Firebox and XTM appliances which is built from a cherrypy python backend sending XML-RPC requests to a C binary called wgagent using pre-authentication endpoint /agent/login. This vulnerability impac...
CVE-2024-0259
Fortra's Robot Schedule Enterprise Agent for Windows prior to version 3.04 is susceptible to privilege escalation. A low-privileged user can overwrite the service executable. When the service is restarted, the replaced binary runs with local system privileges, allowing a low-privileged user to ga...
Untrusted Search Path
PanelSwWix4.Sdk is vulnerable to Untrusted Search Path. The vulnerability is due to Burn's practice of copying binaries to the unprotected C:\Windows\Temp directory and running them from that unprotected location. This directory is not adequately protected against low privilege user modifications...
Critical: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift Builds 1.0.1
An update is now available for Red Hat OpenShift Builds 1.0. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...
PT-2024-15419 · Fortra · Robot Schedule Enterprise Agent
Name of the Vulnerable Software and Affected Versions: Fortra's Robot Schedule Enterprise Agent for Windows versions prior to 3.04 Description: The issue allows a low-privileged user to overwrite the service executable. When the service is restarted, the replaced binary runs with local system...
CVE-2024-0077
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, where it allows a guest OS to allocate resources for which the guest OS is not authorized. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information...
Noia - Simple Mobile Applications Sandbox File Browser Tool
Noia is a web-based tool whose main aim is to ease the process of browsing mobile applications sandbox and directly previewing SQLite databases, images, and more. Powered by frida.re. Please note that I'm not a programmer, but I'm probably above the median in code-savyness. Try it out, open an...
CLSA-2024-1711475067 libssh: Fix of 2 CVEs
CVE-2023-1667: fix possible NULL-pointer dereference during re-keying with algorithm guessing - CVE-2023-48795: fix the prefix truncation attack on Binary Packet Protocol...
Oracle Session Border Controller (SBC) Detection
Binary data oraclesbcdetect.nbin...
Fortra FileCatalyst Direct Server Installed (Linux / Unix)
Binary data fortrafilecatalystdirectnixinstalled.nbin...
WiX based installers are vulnerable to binary hijack when run as SYSTEM
Summary Burn uses an unprotected C:\Windows\Temp directory to copy binaries and run them from there. This directory is not entirely protected against low privilege users. Details When a bundle runs as SYSTEM user, Burn uses GetTempPathW which points to an insecure directory C:\Windows\Temp to dro...
GHSA-RF39-3F98-XR7R WiX based installers are vulnerable to binary hijack when run as SYSTEM
Summary Burn uses an unprotected C:\Windows\Temp directory to copy binaries and run them from there. This directory is not entirely protected against low privilege users. Details When a bundle runs as SYSTEM user, Burn uses GetTempPathW which points to an insecure directory C:\Windows\Temp to dro...