6839 matches found
mySCADA myPRO File Upload Vulnerability
mySCADA myPRO is an industrial visualization control system from mySCADA Technologies, Czech Republic. A security vulnerability exists in the file 'myscadagate.exe' in mySCADA myPRO version 7, which originates from the program's use of a hard-coded FTP account username: myscada, password: Vikuk63...
PhpCollab Arbitrary Code Execution Vulnerability
phpCollab is a Chinese plug-in support for project development management software. An arbitrary code execution vulnerability exists in PhpCollab. An attacker can execute arbitrary code by uploading a file with an executable extension...
Unrestricted file upload
Unrestricted file upload vulnerability in the Files plugin in ProjectPier 0.88 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in the tmp directory under the document...
Intel Dual Band Wireless-AC, Tri-Band Wireless-AC and Wireless-AC Intel wireless driver and related software DLL injection vulnerabilities
Intel Dual Band Wireless-AC, Tri-Band Wireless-AC, and Wireless-AC are wireless NIC products from Intel Corporation. The Intel wireless driver is one of the wireless NIC drivers. Autorun.exe is an executable file; Setup.exe is an installation file. A security vulnerability...
Sudo Commands
This module examines the sudoers configuration for the session user and lists the commands executable via sudo. This module also inspects each command and reports potential avenues for privileged code execution due to poor file system permissions or permitting execution of executables known to be...
CVE-2017-6015
Without quotation marks, any whitespace in the file path for Rockwell Automation FactoryTalk Activation version 4.00.02 remains ambiguous, which may allow an attacker to link to or run a malicious executable. This may allow an authorized, but not privileged local user to execute arbitrary code wi...
Alps Pointing-device Driver Denial of Service Vulnerability
Alps Pointing-device Driver is a driver for pointer-click devices from Alps Electric (Japan). A security vulnerability exists in the ApMsgFwd.exe file in Alps Pointing-device Driver version 10.1.101.207 (Dell, ThinkPad, and VAIO). An attacker could exploit this vulnerability to cause a denial of...
CVE-2018-5173
The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel. Note: the dialog to open the file will show the full,...
Microsoft Windows Multiple Vulnerabilities (KB4103731)
This host is missing a critical security update according to Microsoft KB4103731...
SynAck targeted ransomware uses the Doppelgänging technique
The Process Doppelgänging technique was first presented in December 2017 at the BlackHat conference. Since the presentation several threat actors have started using this sophisticated technique in an attempt to bypass modern security solutions. In April 2018, we spotted the first ransomware...
February 22, 2018—KB4075211 (Preview of Monthly Rollup)
Improvements and fixes: This non-security update includes improvements and fixes that were a part of KB4074598 (released February 13, 2018) and also includes these new quality improvements as a preview of the next Monthly Rollup update: Updates...
Android 'su' Privilege Escalation
This module uses the su binary present on rooted devices to run a payload as root. A rooted Android device will contain a su binary often linked with an application that allows the user to run commands as root. This module will use the su binary to execute a command stager as root. The command...
CVE-2018-8939
An SSRF issue was discovered in NmAPI.exe in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can submit specially crafted requests via the NmAPI executable to (1) gain unauthorized access to the WhatsUp Gold system, (2) obtain information about the WhatsUp Gold system, or (3) execute remote...
Malwarebytes CrackMe 2: try another challenge
Last November, we released the first edition of the Malwarebytes CrackMe. Encouraged by the positive response we received from the security community, we decided to repeat the game, hopefully making it even more interesting and entertaining. As before, the CrackMe is dedicated to malware analysts...
Netwide Assembler Buffer Overflow Vulnerability
Netwide Assembler (NASM) is a Linux-based assembler that creates binaries and writes bootloaders. A stack buffer out-of-bounds read vulnerability exists in the 'disasm' function of the disasm/disasm.c file in NASM version 2.13. A remote attacker can exploit this vulnerability to cause a denial of...
7zip Portable Detection (Windows SMB Login)
SMB login and WMI file search based detection of 7zip Portable...
DEBIAN-CVE-2018-10254
Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read in the disasm function of the disasm/disasm.c file. Remote attackers could leverage this vulnerability to cause a denial of service or possibly have unspecified other impact via a crafted ELF file...
London Trust Media Private Internet Access VPN Client for Windows Elevation of Privilege Vulnerability
London Trust Media Private Internet Access (PIA) VPN Client for Windows is a Windows-based VPN client for anonymous Internet access. A security vulnerability exists in version 77 of the London Trust Media PIA VPN Client for Windows based platforms, which stems from the program's failure to adequate...
UBUNTU-CVE-2018-10187
In radare2 2.5.0, there is a heap-based buffer over-read in the dalvik_op function (libr/anal/p/anal_dalvik.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted DEX file. Note that this issue is different from CVE-2018-8809, which was patched earlier...
Information disclosure
A vulnerability in London Trust Media Private Internet Access (PIA) VPN Client v77 for Windows could allow an unauthenticated, local attacker to run executable files with elevated privileges. The vulnerability is due to insufficient implementation of access controls. The "Changelog" and "Help"...