FastStone Image Viewer Denial of Service Vulnerability (CNVD-2018-14264)

FastStone Image Viewer is an image viewer that supports image browsing, format conversion, editing and more. A security vulnerability exists in FastStone Image Viewer version 6.2, which originates from the FSViewer.exe program failing to properly handle malformed JPEG files. An attacker can explo...

FastStone Image Viewer Denial of Service Vulnerability (CNVD-2018-14268)

FastStone Image Viewer is an image viewer that supports image browsing, format conversion, editing and more. A security vulnerability exists in FastStone Image Viewer version 6.2, which originates from the FSViewer.exe program failing to properly handle malformed JPEG files. An attacker can explo...

Olympic Destroyer Returns to Target Biochemical Labs

Olympic Destroyer, the threat actor that caused a crippling sabotage attack on the networks supporting this year’s Winter Games in Pyeongchang, South Korea, has resurfaced with a spy campaign – and with a wider target range. The new campaign began last month and is ongoing, employing spear-phishi...

Bring Your Own Land (BYOL) – A Novel Red Teaming Technique

Introduction One of most significant recent developments in sophisticated offensive operations is the use of “Living off the Land” LotL techniques by attackers. These techniques leverage legitimate tools present on the system, such as the PowerShell scripting language, in order to execute attacks...

Security Bulletin: Privilege Escalation / User Impersonation affects IBM Platform LSF and IBM Spectrum LSF

Summary This is to address security vulnerabilities in IBM Spectrum LSF and IBM Platform LSF Load Sharing Facility that could allow a local attacker to impersonate arbitrary users to submit jobs to LSF, and possibly run LSF jobs as root. LSF uses an external authentication framework to secure use...

Security Bulletin: InstallShield and InstallAnywhere vulnerabilities affect IBM Security Guardium Data Redaction (CVE-2016-2542)

Summary Flexera InstallShield could allow a local attacker to gain elevated privileges on the system, caused by an untrusted search path. An attacker could exploit this vulnerability using a Trojan horse DLL in the current working directory of a setup-launcher executable file to gain elevated...

Security Bulletin: IBM InfoSphere Information Server is vulnerable to root privilege escalation (CVE-2015-1900)

Summary IBM InfoSphere Information Server could allow a local user to execute code with root privileges on the engine tier. Vulnerability Details CVEID: CVE-2015-1900 DESCRIPTION: IBM InfoSphere DataStage could allow a local user to bypass security and replace executables with malicious files tha...

Privilege escalation

The path of Whale update service was unquoted in NAVER Whale before 1.0.40.7. This vulnerability can be used for persistent privilege escalation if it's available to create an executable file with System privilege by other vulnerable applications...

CVE-2018-9859

The path of Whale update service was unquoted in NAVER Whale before 1.0.40.7. This vulnerability can be used for persistent privilege escalation if it's available to create an executable file with System privilege by other vulnerable applications...

CVE-2018-9859

The CVE-2018-9859 issue affects NAVER Whale prior to version 1.0.40.7, where the Whale update service path is unquoted. Root cause: an unquoted update service path can be leveraged to run executables with System privileges by other vulnerable apps, enabling persistent privilege escalation. Impact...

libsbml Remote Code Execution Vulnerability

libsbml is an open source application for reading, writing, translating and validating SBML files and data streams. A security vulnerability exists in libsbml that originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the...

tomita Remote Code Execution Vulnerability

tomita is a parser that can extract structured data from natural language text. A security vulnerability exists in tomita that originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker can exploit the vulnerability by intercepting the response...

fis-parser-sass-bin remote code execution vulnerability

fis-parser-sass-bin is a fis-based plugin for compiling sass using node-sass-binaries. A security vulnerability exists in fis-parser-sass-bin, which originates when a program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by...

soci Remote Code Execution Vulnerability

soci is a C++ library for accessing databases. A security vulnerability exists in soci that originates when a program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by intercepting the response and replacing the requested...

cloudpub-redis remote code execution vulnerability

cloudpub-redis is a package for installing redis server. A security vulnerability exists in cloudpub-redis that originates when a program downloads an executable file over an unencrypted HTTP connection. A remote attacker can exploit the vulnerability by intercepting the response and replacing th...

google-closure-tools-latest code execution vulnerability

google-closure-tools-latest is a package for downloading/installing the latest version of Google Closure tools. A security vulnerability exists in google-closure-tools-latest, which originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker cou...

rs-brightcove remote code execution vulnerability

rs-brightcove is a set of wrapper tools for the brightcove web API. A security vulnerability exists in rs-brightcove, which originates when a program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by intercepting the response an...

qbs remote code execution vulnerability

qbs is a set of automated build tools that manage the process of building software projects across multiple platforms. A security vulnerability exists in qbs that originates when a program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the...

libsbmlsim Remote Code Execution Vulnerability

libsbmlsim is a library for simulating SBML models containing ordinary differential equations. A security vulnerability exists in libsbmlsim that originates when a program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by...

Unspecified vulnerability in fis-sass-all

fis-sass-all is a package for implementing Sass compilation in Node.js. A security vulnerability exists in fis-sass-all, which originates when a program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by intercepting the response...