CVE-2015-5946

Incomplete blacklist vulnerability in SuiteCRM 7.2.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension...

CVE-2015-7571

Unrestricted file upload vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension...

DEBIAN-CVE-2017-6420

The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service use-after-free via a crafted PE file with WWPack compression...

kernel: load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary

A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable PIE, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory...

kernel: Incorrectly mapped contents of PIE executable

The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected...

Unrestricted File Upload

in2code/powermail is vulnerable a to unrestricted file upload vulnerability. By uploading files with an executable file extension, attackers are able to execute arbitrary code...

CVE-2017-11674

Reporter.exe in Acunetix 8 allows remote attackers to cause a denial of service application crash via a malformed PRE file, related to a "Read Access Violation starting at reporter!madTraceProcess."...

Bye, bye Petya! Decryptor for old versions released.

Following the outbreak of the Petya-based malware in Ukraine, the author of the original version, Janus, decided to release his master key, probably closing the project. You can read the full story here. Based on the released key, we prepared a decryptor that is capable of unlocking all the...

UBUNTU-CVE-2017-10708

An issue was discovered in Apport through 2.20.x. In apport/report.py, Apport sets the ExecutablePath field and it then uses the path to run package specific hooks without protecting against path traversal. This allows remote attackers to execute arbitrary code via a crafted .crash file...

NemucodAES Ransomware, Kovter Click-Fraud Malware Spreading in Same Campaigns

Two malware families, NemucodAES and Kovter, are being packaged together in .zip attachments and delivered via active spam campaigns. Researcher Brad Duncan said, “together these two pieces of malware could deliver a nasty punch.” Duncan, a handler at the SANS Institute Internet Storm Center, sai...

Microsoft Windows Multiple Vulnerabilities (KB4025341)

This host is missing a critical security update according to Microsoft KB4025341 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Windows Explorer Remote Code Execution Vulnerability

A remote code execution vulnerability exists when Windows Explorer improperly handles executable files and shares during rename operations. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of another user. Users not running as administrators would ...

EbidSettingChecker.exe Untrusted Search Path Vulnerability

EbidSettingChecker.exe is an electronic product testing tool from MEXT Ministry of Education, Culture, Sports, Science and Technology in Japan. An untrustworthy search path vulnerability exists in EbidSettingChecker.exe version 1.0.0.0. An attacker can exploit this vulnerability to gain privilege...

Design/Logic Flaw

Untrusted search path vulnerability in Installer of Electronic tendering and bid opening system available prior to June 12, 2017 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory...

CVE-2017-2208

Untrusted search path vulnerability in Installer of Electronic tendering and bid opening system available prior to June 12, 2017 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory...

CVE-2017-2208

Untrusted search path vulnerability in Installer of Electronic tendering and bid opening system available prior to June 12, 2017 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory...

MGASA-2017-0201 Updated libffi packages fix security vulnerability

libffi, a library used to call code written in one language from code written in a different language, was enforcing an executable stack on the i386 architecture. While this might not be considered a vulnerability by itself, this could be leveraged when exploiting other vulnerabilities, such as t...

Threat Actors Target Chinese Language News Sites

A California-based news website covering China, called China Digital Times, was targeted in a spying campaign that involved phishing lures and the use of the NetWire remote access Trojan. The attacks began in February 2017 and were part of a wider campaign of phishing, reconnaissance and malware...

EternalPetya and the lost Salsa20 key

We have recently been facing a huge outbreak of a new Petya-like malware armed with an infector similar to WannaCry. The research is still in progress, and the full report will be published soon. In this post, we will focus on some new important aspects of the current malware. The low-level attac...

kernel: Incorrectly mapped contents of PIE executable

The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected...