Google Pixel 安全漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a security vulnerability that stems from a lack of warning to the user and could potentially be initiated using a hidden debugging strategy...

APCLdr - Payload Loader With Evasion Features

Payload Loader With Evasion Features. Features: no crt functions imported indirect syscalls using HellHall api hashing using CRC32 hashing algorithm payload encryption using rc4 - payload is saved in .rsrc Payload injection using APC calls - alertable thread Payload execution using APC - alertabl...

The vulnerabilities of the Fortinet FortiManager software, the FortiAnalyzer network firewall, the FortiSwitch network switches with embedded software, and the Fortinet FortiPortal security analysis and management tool allow attackers to disclose sensitive information.

The vulnerabilities of the Fortinet FortiManager device management software, FortiAnalyzer network monitoring software, FortiSwitch network switch software, and Fortinet FortiPortal security analysis and management tool are related to the lack of protection for sensitive data. Exploiting these...

Buffalo network devices 安全漏洞

Buffalo network devices are a family of network devices from Buffalo, Japan. A security vulnerability exists in Buffalo network devices that stems from the use of hard-coded credentials, which could be exploited by an attacker to gain access to the debugging capabilities of the product...

null pointer dereference in class_object_index at vim9class.c:1356

Description null pointer dereference in classobjectindex at vim9class.c:1356 variable cl in classobjectindex at vim9class.c:1254 is NULL at last, reference to cl refers to NULL Version $ git log commit c727b19e9f1df36e44321d933334c7b4961daa54 HEAD - master, tag: v9.0.1374, origin/master,...

The vulnerability of Microsoft’s .NET Framework and .NET software platforms lies in the insufficient protection of operational data during code debugging, allowing attackers to execute arbitrary code.

The vulnerability of Microsoft .NET Framework and .NET software platforms is related to insufficient protection of sensitive data during code debugging. Exploiting this vulnerability can allow attackers to execute arbitrary code...

Remote Code Execution (RCE)

.NET is vulnerable to Remote Code Execution RCE. The vulnerability exists because the library does not properly validate the debugging symbols, allowing an attacker to inject and execute malicious code while reading a malicious symbols file...

Security Updates for Microsoft .NET core (February 2023)

A remote code execution vulnerability exists in .NET core 6.0 6.0.14 and .NET Core 7.0 7.0.3. This vulnerability exists due to how .NET reads debugging symbols, where reading a malicious symbols file may result in remote code execution. An unauthenticated, local attacker can exploit this, to bypa...

Experts Warn of 'Beep' - A New Evasive Malware That Can Fly Under the Radar

Cybersecurity researchers have unearthed a new piece of evasive malware dubbed Beep that's designed to fly under the radar and drop additional payloads onto a compromised host. "It seemed as if the authors of this malware were trying to implement as many anti-debugging and anti-VM anti-sandbox...

Experts Warn of 'Beep' - A New Evasive Malware That Can Fly Under the Radar

Cybersecurity researchers have unearthed a new piece of evasive malware dubbed Beep that's designed to fly under the radar and drop additional payloads onto a compromised host. "It seemed as if the authors of this malware were trying to implement as many anti-debugging and anti-VM anti-sandbox...

SUSE CVE-2006-1855

choosenewparent in Linux kernel before 2.6.11.12 includes certain debugging code, which allows local users to cause a denial of service panic by causing certain circumstances involving termination of a parent process...

SUSE CVE-2009-0368

OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a 1 low level APDU command or 2 debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program...

SUSE CVE-2011-3650

Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service memory corruption and application crash or possibly have...

SUSE CVE-2012-0064

xkeyboard-config before 2.5 in X.Org before 7.6 enables certain XKB debugging functions by default, which allows physically proximate attackers to bypass an X screen lock via keyboard combinations that break the input grab...

SUSE CVE-2012-3973

The debugger in the developer-tools subsystem in Mozilla Firefox before 15.0, when remote debugging is disabled, does not properly restrict access to the remote-debugging service, which allows remote attackers to execute arbitrary code by leveraging the presence of the HTTPMonitor extension and...

SUSE CVE-2013-0154

The getpagetype function in xen/arch/x86/mm.c in Xen 4.2, when debugging is enabled, allows local PV or HVM guest administrators to cause a denial of service assertion failure and hypervisor crash via unspecified vectors related to a hypercall...

SUSE CVE-2017-15393

Insufficient Policy Enforcement in Devtools remote debugging in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to obtain access to remote debugging functionality via a crafted HTML page, aka a Referer leak...

SUSE CVE-2018-5132

The Find API for WebExtensions can search some privileged pages, such as "about:debugging", if these pages are open in a tab. This could allow a malicious WebExtension to search for otherwise protected data if a user has it open. This vulnerability affects Firefox 59...

SUSE CVE-2019-5765

An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted Intent...

SUSE CVE-2019-1010180

GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet...