EUVD-2021-3130

Malicious code in bioql PyPI...

F5 Networks BIG-IP : Perl vulnerability (K40508224)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4.5 / 15.1.4.1 / 15.1.5 / 16.1.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K40508224 advisory. Perl before 5.30.3 has an integer overflow related to mishandling of a PLregkindOPn ==...

CVE-2021-0511

In Dex2oat of dex2oat.cc, there is a possible way to inject bytecode into an app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9...

CVE-2021-0511

In Dex2oat of dex2oat.cc, there is a possible way to inject bytecode into an app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9...

Input validation

In Dex2oat of dex2oat.cc, there is a possible way to inject bytecode into an app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9...

CVE-2021-0511

In Dex2oat of dex2oat.cc, there is a possible way to inject bytecode into an app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9...

ASB-A-178055795

In Dex2oat of dex2oat.cc, there is a possible way to inject bytecode into an app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

EulerOS Virtualization 2.9.1 : perl (EulerOS-SA-2021-1621)

According to the versions of the perl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive Sstudychunk...

EulerOS 2.0 SP2 : perl (EulerOS-SA-2020-2380)

According to the versions of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large ite...

EulerOS 2.0 SP3 : perl (EulerOS-SA-2020-2085)

According to the versions of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer...

ALPINE-CVE-2020-10878

Perl before 5.30.3 has an integer overflow related to mishandling of a "PLregkindOPn == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection...

Invoker - Penetration Testing Utility

Penetration testing utility. The goal is to use this tool when access to some Windows OS features through GUI is restricted. Some features require administrative privileges. Capabilities: invoke the Command Prompt and PowerShell, download a file, schedule a task, add a registry key, connect to a...

GHSA-VQGP-4JGJ-5J64 Py-EVM is vulnerable to arbitrary bytecode injection

Py-EVM v0.2.0-alpha.33 allows attackers to make a vm.executebytecode call that triggers computation.stack.values with '"stack": 100, 100, 0' where b'\x' was expected, resulting in an execution failure because of an invalid opcode. This is reportedly related to "smart contracts can be executed...

Py-EVM is vulnerable to arbitrary bytecode injection

Py-EVM v0.2.0-alpha.33 allows attackers to make a vm.executebytecode call that triggers computation.stack.values with '"stack": 100, 100, 0' where b'\x' was expected, resulting in an execution failure because of an invalid opcode. This is reportedly related to "smart contracts can be executed...

Design/Logic Flaw

jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation...

CVE-2013-4578

The CVE targets jarsigner in OpenJDK and Oracle Java SE prior to 7u51, allowing an attacker to bypass code-signing protection and inject unsigned bytecode into a signed JAR due to improper file validation. Affected: OpenJDK and Oracle Java SE (pre-7u51). Root cause is improper file validation in ...

CVE-2013-4578

jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation...

jdwp-version NSE Script

Detects the Java Debug Wire Protocol. This protocol is used by Java programs to be debugged via the network. It should not be open to the public Internet, as it does not provide any security against malicious attackers who can inject their own bytecode into the debugged process. Documentation for...