SUSE CVE-2020-26964

If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content. The feature was implemented as a unix...

Arbitrary Code Execution

Overview Affected versions of this package are vulnerable to Arbitrary Code Execution in the way it reads debugging symbols, where reading a malicious symbols file may result in the exploitation of this vulnerability. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-x64 to version 6.0.13,...

Arbitrary Code Execution

Overview Affected versions of this package are vulnerable to Arbitrary Code Execution in the way it reads debugging symbols, where reading a malicious symbols file may result in the exploitation of this vulnerability. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-arm to version 6.0.13,...

.NET Remote Code Execution Vulnerability

Microsoft Security Advisory CVE-2023-21808: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update thei...

PT-2023-1443 · Microsoft +1 · .Net Framework +2

Name of the Vulnerable Software and Affected Versions: Microsoft .NET Framework and .NET affected versions not specified Visual Studio affected versions not specified Description: The issue is related to insufficient protection of sensitive data during the implementation of debugging code in...

The vulnerability of the microprogramming software of Mitsubishi MELFA series SD/SQ and F industrial robots lies in the insufficient protection of operational data during code debugging. This allows attackers to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability of the microprogrammed software in Mitsubishi MELFA industrial robots of the SD/SQ and F series is related to insufficient protection of operational data during code debugging. Exploiting this vulnerability allows an attacker to bypass security restrictions and gain unauthorized...

Dell BIOS 安全漏洞

Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell, USA. A security vulnerability exists in Dell BIOS. An attacker could exploit this vulnerability to read system information through the debugging interface...

Exploit for SQL Injection in Wordpress

PoC exploit for...

The vulnerability of the Factory Interface Network Service (FINS) protocol implementation in the microcomputer-based programmable logic controllers OMRON CP1L-EL20DR-D allows a intruder to gain access to read, modify, or delete files, execute arbitrary code, or cause a service failure.

The vulnerability of the Factory Interface Network Service FINS protocol implementation in the microcomputer-based programmable logic controllers OMRON CP1L-EL20DR-D is related to insufficient protection of service data during code debugging. Exploiting this vulnerability can allow an attacker to...

Kerberos Ticket Inspecting

This module outputs the contents of a ccache/kirbi file and optionally when provided with the appropriate key decrypts and displays the encrypted content too. Can be used for inspecting tickets that aren't working as intended in an effort to debug them. Module Options msf use...

Mitsubishi Electric MELFA Robot Controllers 安全漏洞

Mitsubishi Electric MELFA Robot Controllers are high-precision robotic arm controllers from Mitsubishi Electric Japan. A security vulnerability exists in Mitsubishi Electric MELFA Robot Controllers, which stems from an authentication bypass vulnerability caused by active debugging code, which cou...

Divide By Zero in function adjust_skipcol

Description Divide By Zero in function adjustskipcol at move.c:1978 vim version git log commit 7193323b7796c05573f3aa89d422e848feb3a8dc HEAD - master, tag: v9.0.1223, origin/master, origin/HEAD POC ./vim -u NONE -i NONE -n -m -X -Z -e -s -S ./pocdbz01s.dat -c :qa! Floating point exception GDB gdb...

TerraLdr - A Payload Loader Designed With Advanced Evasion Features

TerraLdr: A Payload Loader Designed With Advanced Evasion Features Details: no crt functions imported syscall unhooking using KnownDllUnhook api hashing using Rotr32 hashing algo payload encryption using rc4 - payload is saved in .rsrc process injection - targetting 'SettingSyncHost.exe' ppid...

BitRAT Now Sharing Sensitive Bank Data as a Lure

Introduction In June of 2022 Qualys Threat Research Unit TRU wrote an in-depth report on Redline, a commercial off the shelf infostealer that spreads via fake cracked software hosted on Discord’s content delivery network. Since then, we have continued to track similar threats to identify their...

CVE-2022-45428

Some Dahua software products have a vulnerability of sensitive information leakage. After obtaining the permissions of administrators, by sending a specific crafted packet to the vulnerable interface, an attacker can obtain the debugging information...

Information disclosure

Some Dahua software products have a vulnerability of sensitive information leakage. After obtaining the permissions of administrators, by sending a specific crafted packet to the vulnerable interface, an attacker can obtain the debugging information...

CVE-2022-45428

The CVE-2022-45428 entry concerns sensitive information leakage in Dahua software. Affected: certain Dahua software products (no specific versions provided). Condition: an attacker with administrator permissions can trigger leakage by sending a crafted packet to a vulnerable interface to obtain d...

Dahua software products 安全漏洞

Dahua software products are a family of applications from the Chinese company Dahua. A security vulnerability exists in a number of Dahua software products that stems from the disclosure of sensitive information allowing an attacker with administrator privileges to obtain debugging information by...

PT-2022-27510 · Dahua · Dahua Software Products

Name of the Vulnerable Software and Affected Versions: Dahua software products affected versions not specified Description: The issue concerns sensitive information leakage in some Dahua software products. An attacker, after obtaining administrator permissions, can send a crafted packet to a...

CVE-2022-45428

Some Dahua software products have a vulnerability of sensitive information leakage. After obtaining the permissions of administrators, by sending a specific crafted packet to the vulnerable interface, an attacker can obtain the debugging information...