1558 matches found
Design/Logic Flaw
In MADEFORNET HTTP Debugger through 9.12, the Windows service does not set the seclevel registry key before launching the driver. Thus, it is possible for an unprivileged application to obtain a handle to the NetFilterSDK wrapper before the service obtains exclusive access...
BugChecker - SoftICE-like Kernel Debugger For Windows 11
Introduction BugChecker is a SoftICE-like kernel and user debugger for Windows 11 and Windows XP as well: it supports Windows versions from XP to 11, both x86 and x64. BugChecker doesn't require a second machine to be connected to the system being debugged, like in the case of WinDbg and KD. This...
CVE-2023-35863
In MADEFORNET HTTP Debugger through 9.12, the Windows service does not set the seclevel registry key before launching the driver. Thus, it is possible for an unprivileged application to obtain a handle to the NetFilterSDK wrapper before the service obtains exclusive access...
MADEFORNET HTTP Debugger 竞争条件问题漏洞
MADEFORNET HTTP Debugger is a flagship product from the Estonian company MADEFORNET that helps Web developers, IT managers, and system and network administrators locate and eliminate Web site errors and identify performance bottlenecks. A security vulnerability exists in MADEFORNET HTTP Debugger...
CVE-2023-35863
CVE-2023-35863 affects MADEFORNET HTTP Debugger up to version 9.12. Root cause: the Windows service does not set the seclevel registry key before launching the driver, enabling an unprivileged local user to obtain a handle to the NetFilterSDK wrapper prior to the service gaining exclusive access....
PT-2023-25352 · Madefornet · Madefornet Http Debugger
Name of the Vulnerable Software and Affected Versions: MADEFORNET HTTP Debugger versions 9.12 and earlier Description: The issue arises because the Windows service in MADEFORNET HTTP Debugger does not set the seclevel registry key before launching the driver. This allows an unprivileged applicati...
CVE-2023-35863
In MADEFORNET HTTP Debugger through 9.12, the Windows service does not set the seclevel registry key before launching the driver. Thus, it is possible for an unprivileged application to obtain a handle to the NetFilterSDK wrapper before the service obtains exclusive access...
CVE-2023-29145
The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. The attacker can set LDLIBRARYPATH, set LDPRELOAD, or run an executable file in a debugger...
PT-2023-22169 · Malwarebytes · Malwarebytes Edr
Name of the Vulnerable Software and Affected Versions: Malwarebytes EDR version 1.0.11 for Linux Description: The Malwarebytes EDR for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. An attacker can exploit...
Exploit for Code Injection in Vmware Spring_Framework
Spring4Shell Spring4Shell CVE-2022-22965 Proof Of Concept wi...
Exploit for Code Injection in Vmware Spring_Framework
Spring4Shell Spring4Shell CVE-2022-22965 Proof Of Concept wi...
[SECURITY] Fedora 38 Update: radare2-5.8.6-1.fc38
The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...
[SECURITY] Fedora 37 Update: radare2-5.8.6-1.fc37
The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...
WordPress Template Debugger Plugin <= 3.1.2 is vulnerable to Cross Site Request Forgery (CSRF)
Software Template Debugger Type Plugin Vulnerable versions = 3.1.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-35773 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 56b91763eae2 Credits Nguyen Xuan Chien...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. There is a vulnerability in the MSDIA SDK where corrupted PDBs can cause heap overflow, leading to a crash or remote code execution. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-arm to version 6.0.18,...
CVE-2023-29543
An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...
CVE-2023-29543
An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...
CVE-2023-29543
An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...
CVE-2023-29543
An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...
CVE-2023-29543
An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...