1204 matches found
Accusoft ImageGear Buffer Error Vulnerability
Accusoft ImageGear is a multi-platform, multi-language document imaging developer toolkit. An out-of-bounds write vulnerability exists in the TIF bitspersample handling function in Accusoft ImageGear version 19.9. An attacker can exploit the vulnerability via a specially crafted file to cause...
UVI-2021-1000287 m68k: mvme147,mvme16x: Don't wipe PCC timer config bits
m68k: mvme147,mvme16x: Don't wipe PCC timer config bits This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
DEBIAN-CVE-2020-22016
A heap-based Buffer Overflow vulnerability in FFmpeg 4.2 at libavcodec/getbits.h when writing .mov files, which might lead to memory corruption and other potential consequences...
FFmpeg Buffer Error Vulnerability
FFmpeg is a complete solution for recording, converting and streaming audio and video. A heap buffer overflow vulnerability exists in libavcodec/getbits.h in FFmpeg version 4.2 when writing to .mov files. An attacker could exploit this vulnerability to cause memory corruption...
Improper Sanitizing of plugin names in helm
Impact Security researchers at Trail of Bits discovered that plugin names are not sanitized properly. As a result, a malicious plugin author could use characters in a plugin name that would result in unexpected behavior, such as duplicating the name of another plugin or spoofing the output to hel...
GHSA-M54R-VRMV-HW33 Improper Sanitizing of plugin names in helm
Impact Security researchers at Trail of Bits discovered that plugin names are not sanitized properly. As a result, a malicious plugin author could use characters in a plugin name that would result in unexpected behavior, such as duplicating the name of another plugin or spoofing the output to hel...
GHSA-JM56-5H66-W453 Repository index file allows for duplicates of the same chart entry in helm
Impact During a security audit of Helm's code base, security researchers at Trail of Bits identified a bug in which a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs...
GHSA-9VP5-M38W-J776 Aliases are never checked in helm
Impact During a security audit of Helm's code base, security researchers at Trail of Bits identified a bug in which the alias field on a Chart.yaml is not properly sanitized. This could lead to the injection of unwanted information into a chart. Patches This issue has been patched in Helm 3.3.2 a...
May 11, 2021—KB5003197 (OS Build 14393.4402) - EXPIRED
May 11, 2021—KB5003197 OS Build 14393.4402 - EXPIRED EXPIRATION NOTICE As of 9/12/2023, KB5003197 is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality update. --- 11/19/20 For...
changeDAO should be a two-step process in Vader.sol
Handle 0xRajeev Vulnerability details Impact changeDAO updates DAO address in one step. If an incorrect address is mistakenly used and voted upon, then future administrative access or recovering from this mistake is prevented because onlyDAO modifier is used for changeDAO, which requires msg.sende...
Hackers Using a Windows OS Feature to Evade Firewall and Gain Persistence
A novel technique adopted by attackers finds ways to use Microsoft's Background Intelligent Transfer Service (BITS) so as to deploy malicious payloads on Windows machines stealthily. In 2020, hospitals, retirement communities, and medical centers bore the brunt of an ever-shifting phishing campaign...
Back in a Bit: Attacker Use of the Windows Background Intelligent Transfer Service
In this blog post we will describe: how attackers use the Background Intelligent Transfer Service (BITS); forensic techniques for detecting attacker activity with data format specifications; public release of the BitsParser tool; a real-world example of malware using BITS persistence. --- Introduction...
MacPaw Encrypto 1.0.1 - 'Encrypto Service' Unquoted Service Path
Exploit Title: MacPaw Encrypto 1.0.1 - 'Encrypto Service' Unquoted Service Path Discovery by: Ismael Nava Discovery Date: 03-19-2020 Vendor Homepage: https://macpaw.com/encrypto Software Links : https://dl.devmate.com/com.macpaw.win.Encrypto/EncryptoforWin.exe?cid=78456412.1616181092 Tested...
Configuration Tool 1.6.53 Unquoted Service Path
Exploit Title: Configuration Tool 1.6.53 - 'OpLclSrv' Unquoted Service Path Discovery by: Brian Rodriguez Date: 07-03-2021 Vendor Homepage: https://www.oki.com Software Links:...
OESA-2021-1060 OpenEXR security update
OpenEXR is a high dynamic-range (HDR) image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ImfFastHuf.cpp could cause the application to crash. (CVE-2017-9114) ...
CVE-2021-3418
If certificates that signed grub are installed into db, grub can be booted directly. It will then boot any kernel without signature validation. The booted kernel will think it was booted in secureboot mode and will implement lockdown, yet it could have been tampered. This flaw is a reintroduction...
VulnCheck KEV: CVE-2020-0787
Microsoft Windows BITS is vulnerable to a privilege elevation vulnerability if it improperly handles symbolic links. An actor can exploit this vulnerability to execute arbitrary code with system-level privileges...
Softros LAN Messenger 9.6.4 - (SoftrosSpellChecker) Unquoted Service Path Vulnerability
Exploit Title: Softros LAN Messenger 9.6.4 - 'SoftrosSpellChecker' Unquoted Service Path Discovery by: Victor Mondragón Vendor Homepage: https://www.softros.com/ Software Links : https://download.softros.com/SoftrosLANMessengerSetup.exe Tested Version: 9.6.4 Vulnerability Type: Unquoted Service...
PDFCOMPLETE Corporate Edition 4.1.45 Unquoted Service Path
Exploit Title: PDFCOMPLETE Corporate Edition 4.1.45 - 'pdfcDispatcher' Unquoted Service Path Discovery by: Ismael Nava Discovery Date: 02-11-2020 Vendor Homepage: https://www.pdfcomplete.com/cms/dpl/tabid/111/Default.aspx?r=du2vH8r Software Links : https://pdf-complete.informer.com/download/ Test...
PDFCOMPLETE Corporate Edition 4.1.45 - 'pdfcDispatcher' Unquoted Service Path
Exploit Title: PDFCOMPLETE Corporate Edition 4.1.45 - 'pdfcDispatcher' Unquoted Service Path Discovery by: Ismael Nava Discovery Date: 02-11-2020 Vendor Homepage: https://www.pdfcomplete.com/cms/dpl/tabid/111/Default.aspx?r=du2vH8r Software Links : https://pdf-complete.informer.com/download/ Test...