93 matches found
MAL-2022-1679 Malicious code in breakpoint-action (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5a0d64547164a19301c3747e4bf9a69142206767eace7a7bdc9c8dfa19705e04 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
SUSE-SU-2022:0575-1 Security update for ucode-intel
This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220207 release. - CVE-2021-0146: Fixed a potential security vulnerability in some Intel Processors may allow escalation of privilege bsc1192615 - CVE-2021-0127: Intel Processor Breakpoint Control Flow...
Security update for ucode-intel (important)
openSUSE Security Update: Security update for ucode-intel Announcement ID: openSUSE-SU-2022:0574-1 Rating: important References: 1192615 1195779 1195780 1195781 Cross-References: CVE-2021-0127 CVE-2021-0145 CVE-2021-0146 CVE-2021-33120 CVSS scores: CVE-2021-0127 NVD : 5.5...
SUSE-SU-2022:0541-1 Security update for ucode-intel
This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220207 release. - CVE-2021-0146: Fixed a potential security vulnerability in some Intel Processors may allow escalation of privilege bsc1192615 - CVE-2021-0127: Intel Processor Breakpoint Control Flow...
Flare-Qdb - Command-line And Python Debugger For Instrumenting And Modifying Native Software Behavior On Windows And Linux
flare-qdb is a command-line and scriptable Python-based tool for evaluating and manipulating native program state. It uses Vivisect to set a breakpoint on each queried instruction and executes Python code when hit. flare-qdb frees the analyst to take a nonlinear approach to dynamic analysis that...
UVI-2021-1000450 ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook
ARM: 9064/1: hwbreakpoint: Do not directly check the event's overflowhandler hook This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.191 by...
CVE-2020-13466
STMicroelectronics STM32F103 devices through 2020-05-20 allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration...
CVE-2020-13471
Apex Microelectronics APM32F103 devices allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration...
Design/Logic Flaw
STMicroelectronics STM32F103 devices through 2020-05-20 allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration...
CVE-2020-13471
Apex Microelectronics APM32F103 devices allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration...
CVE-2020-13466
STMicroelectronics STM32F103 devices through 2020-05-20 allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration...
The vulnerability of the `modify_user_hw_breakpoint()` function in the Linux operating system allows a hacker to execute arbitrary code.
The vulnerability of the modifyuserhwbreakpoint function in the Linux operating system is related to incorrect error handling. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
Patchless AMSI bypass using SharpBlock
Introduction For those that followed my personal blog posts on Creating an EDR and Bypassing It, I developed a new tool called SharpBlock. The tool implements a Windows debugger to prevent EDR’s or any other DLL from loading into a process that SharpBlock launches. One feature that was missing fr...
CVE-2018-1000199
An address corruption flaw was discovered in the Linux kernel built with hardware breakpoint CONFIGHAVEHWBREAKPOINT support. While modifying a h/w breakpoint via 'modifyuserhwbreakpoint' routine, an unprivileged user/process could use this flaw to crash the system kernel resulting in DoS OR to...
WhatsApp Desktop 0.3.9308 - Persistent Cross-Site Scripting Exploit
Exploit for multiple platform in category web applications Title: WhatsApp Desktop 0.3.9308 - Persistent Cross-Site Scripting Exploit Author: Gal Weizman Vendor Homepage: https://www.whatsapp.com Software Link: https://web.whatsapp.com/desktop/windows/release/x64/WhatsAppSetup.exe Software Link:...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1266)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for kvm (EulerOS-SA-2018-1265)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Dwarf - Full Featured Multi Arch/Os Debugger Built On Top Of PyQt5 And Frida
A debugger for reverse engineers, crackers and security analyst. Or you can call it damn, why are raspberries so fluffy or yet, duck warriors are rich as fuck. Whatever you like! Built on top of pyqt5, frida and some terrible code. Checkout the website for features, api and examples CHANGELOG...
CVE-2018-7855
A CWE-248 Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a Denial of Service when sending invalid breakpoint parameters to the controller over Modbus...
Schneider Electric Modicon Illegal Breakpoint Parameter Denial of Service Vulnerability
The Schneider Electric Modicon M580, M340 is a programmable automation controller. An illegal breakpoint parameter handling vulnerability exists in the Schneider Electric Modicon M580, M340, which allows remote attackers to exploit the vulnerability by submitting a special request, which can be...