
6839 matches found

Positive Technologies
added 2024/07/18 12:0 a.m. · 2 views

PT-2024-28962 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: gitoxide versions 0.10.8 Description: The issue arises from gix-path being tricked into running another git.exe placed in an untrusted location by a limited user account on Windows systems. Windows permits limited user accounts to create new...

8.6 CVSS · 7.1 AI score · 0.00028 EPSS
Exploits 0 · References 15

Positive Technologies
added 2024/07/17 12:0 a.m. · 2 views

PT-2024-24055 · Apache · Apache Streampipes

Name of the Vulnerable Software and Affected Versions: Apache StreamPipes versions through 0.93.0 Description: The issue is related to an Unrestricted Upload of File with dangerous type vulnerability in Apache StreamPipes. This vulnerability may allow the upload of executable files, potentially...

8.8 CVSS · 8 AI score · 0.01796 EPSS
Exploits 0 · References 11

Vulnrichment
added 2024/07/16 2:36 p.m. · 21 views

CVE-2024-32861 Software House C•CURE - CouchDB executable protection

Under certain circumstances the impacted Software House C•CURE 9000 installer will utilize unnecessarily wide permissions...

7.8 CVSS · 7.7 AI score · 0.00068 EPSS
Exploits 0 · References 2

NVD
added 2024/07/15 12:15 p.m. · 21 views

CVE-2024-5402

Unquoted Search Path or Element vulnerability in ABB Mint Workbench. A local attacker who successfully exploited this vulnerability could gain elevated privileges by inserting an executable file in the path of the affected service. This issue affects Mint Workbench I versions: from 5866 before 58...

7.8 CVSS · 0.00082 EPSS
Exploits 0 · References 1

BDU FSTEC
added 2024/07/15 12:0 a.m. · 2 views

The vulnerability of the Multiline RFC 2231 email server component in Exim, which allows bypassing existing security restrictions by implementing specially crafted executable files.

The vulnerability of the Multiline RFC 2231 email server component relates to deficiencies in the restrictions on loading files of hazardous types. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions by introducing specially crafted executable files...

6.4 CVSS · 6.8 AI score · 0.6031 EPSS
Exploits 5 · References 14 · Affected Software 4

SUSE CVE
added 2024/07/13 2:36 a.m. · 2 views

SUSE CVE-2024-39904

VNote is a note-taking platform. Prior to 3.18.1, a code execution vulnerability existed in VNote, which allowed an attacker to execute arbitrary programs on the victim's system. A crafted URI can be used in a note to perform this attack using file:/// as a link. For example,...

8.8 CVSS · 7.6 AI score · 0.00227 EPSS
Exploits 0 · References 3

Redos
added 2024/07/13 12:0 a.m. · 24 views

ROS-20240712-01

Vulnerability in Multiline RFC 2231 component of Exim mail server is related to incorrect analysis of the multiline RFC 2231 header file name. Exploitation of the vulnerability could allow an attacker, acting remotely, to deliver executable attachments to end-user mailboxes...

5.4 CVSS · 6.8 AI score · 0.6031 EPSS
Exploits 5

Citrix
added 2024/07/13 12:0 a.m. · 12 views

Purpose of CMSTART command

This article provides information about the command CMSTART. Purpose of CMSTART command Cmstart.exe is a process that runs when you log on to the XenApp server. It is called by winlogon. It is associated with Wfshell.exe, CltMgr.exe, and Icast.exe files. The cmstart is controlled by the following...

6.8 AI score
Exploits 0

Tenable Nessus
added 2024/07/12 12:0 a.m. · 26 views

Ubuntu 16.04 LTS : Apport vulnerabilities (USN-6894-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6894-1 advisory. Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly us...

7.8 CVSS · 7 AI score · 0.02245 EPSS
Exploits 0 · References 9

NVD
added 2024/07/11 4:15 p.m. · 6 views

CVE-2024-39904

VNote is a note-taking platform. Prior to 3.18.1, a code execution vulnerability existed in VNote, which allowed an attacker to execute arbitrary programs on the victim's system. A crafted URI can be used in a note to perform this attack using file:/// as a link. For example,...

8.8 CVSS · 0.00227 EPSS
Exploits 0 · References 2

OSV
added 2024/07/11 2:45 a.m. · 7 views

MAL-2024-7660 Malicious code in sap-canvas (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 32484128781f716486f2d020f4516841a37af1178392f8427cd058306c255ade The OpenSSF Package Analysis project identified 'sap-canvas' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

7.3 AI score
Exploits 0

Positive Technologies
added 2024/07/11 12:0 a.m. · 3 views

PT-2024-5036 · Nvidia +1 · Nvidia Cuda Toolkit +1

Name of the Vulnerable Software and Affected Versions: NVIDIA CUDA Toolkit affected versions not specified Description: The issue is related to an out-of-bounds read problem in the nvdisasm utility of the NVIDIA CUDA Toolkit. This can be exploited by deceiving a user into reading a malformed ELF...

5.5 CVSS · 6.5 AI score · 0.00065 EPSS
Exploits 0 · References 14

NVD
added 2024/07/10 7:15 p.m. · 16 views

CVE-2024-5912

An improper file signature check in Palo Alto Networks Cortex XDR agent may allow an attacker to bypass the Cortex XDR agent's executable blocking capabilities and run untrusted executables on the device. This issue can be leveraged to execute untrusted software without being detected or blocked...

6.8 CVSS · 0.00013 EPSS
Exploits 0 · References 1

CVE
added 2024/07/10 6:40 p.m. · 79 views

CVE-2024-5912

CVE-2024-5912 affects Palo Alto Networks Cortex XDR agent where improper file signature verification checks may allow bypass of the agent’s executable blocking, enabling execution of untrusted executables on the device. The issue is tied to the Cortex XDR agent application itself and is described...

6.8 CVSS · 6.8 AI score · 0.00013 EPSS
Exploits 0 · References 1

Cvelist
added 2024/07/10 6:40 p.m. · 31 views

CVE-2024-5912 Cortex XDR Agent: Improper File Signature Verification Checks

An improper file signature check in Palo Alto Networks Cortex XDR agent may allow an attacker to bypass the Cortex XDR agent's executable blocking capabilities and run untrusted executables on the device. This issue can be leveraged to execute untrusted software without being detected or blocked...

6.8 CVSS · 0.00013 EPSS
Exploits 0 · References 1

Vulnrichment
added 2024/07/10 6:40 p.m. · 19 views

CVE-2024-5912 Cortex XDR Agent: Improper File Signature Verification Checks

An improper file signature check in Palo Alto Networks Cortex XDR agent may allow an attacker to bypass the Cortex XDR agent's executable blocking capabilities and run untrusted executables on the device. This issue can be leveraged to execute untrusted software without being detected or blocked...

6.8 CVSS · 7.2 AI score · 0.00013 EPSS
Exploits 0 · References 1

Palo Alto Networks
added 2024/07/10 4:0 p.m. · 16 views

Cortex XDR Agent: Improper File Signature Verification Checks

An improper file signature check in Palo Alto Networks Cortex XDR agent may allow an attacker to bypass the Cortex XDR agent's executable blocking capabilities and run untrusted executables on the device. This issue can be leveraged to execute untrusted software without being detected or blocked...

6.8 CVSS · 7.1 AI score · 0.00013 EPSS
Exploits 0 · References 1

CNNVD
added 2024/07/10 12:0 a.m. · 3 views

Palo Alto Networks Cortex XDR Security Vulnerability

Palo Alto Networks Cortex XDR is an extended detection and response platform that natively integrates network, endpoint, cloud, and third-party data from U.S.-based Palo Alto Networks. A security vulnerability exists in Palo Alto Networks Cortex XDR that stems from improper file signature checkin...

6.8 CVSS · 6.8 AI score · 0.00013 EPSS
Exploits 0 · References 2

Positive Technologies
added 2024/07/10 12:0 a.m. · 2 views

PT-2024-5017 · Palo Alto Networks · Palo Alto Networks Cortex Xdr Agent

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks Cortex XDR agent affected versions not specified Description: The issue is related to an improper file signature check in the Palo Alto Networks Cortex XDR agent, which may allow an attacker to bypass the agent's executable...

6.8 CVSS · 7 AI score · 0.00013 EPSS
Exploits 0 · References 6

SUSE CVE
added 2024/07/06 2:58 a.m. · 2 views

SUSE CVE-2024-39929

Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mimefilename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users...

5.4 CVSS · 7 AI score · 0.6031 EPSS
Exploits 5 · References 4