CVE-2020-11640 Elevation of Privilege

AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the command queue can use it to launch an attack by running any executable on the AdvaBuild node. The executables that can be run are not limited to AdvaBuild specific executables. Improper Privilege...

CVE-2024-23470 SolarWinds Access Rights Manager (ARM) UserScriptHumster Exposed Dangerous Method Remote Command Execution Vulnerability

The SolarWinds Access Rights Manager was found to be susceptible to a pre-authentication remote code execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to run commands and executables...

CVE-2024-23470

CVE-2024-23470 affects SolarWinds Access Rights Manager (ARM). A pre-authentication remote code execution vulnerability is described as an exposed dangerous method in the UserScriptHumster component, allowing an unauthenticated user to run commands/executables on the server. Related Nessus data c...

CVE-2024-32861

Under certain circumstances the impacted Software House C•CURE 9000 installer will utilize unnecessarily wide permissions...

CVE-2024-32861 Software House C•CURE - CouchDB executable protection

Under certain circumstances the impacted Software House C•CURE 9000 installer will utilize unnecessarily wide permissions...

CVE-2024-5912

CVE-2024-5912 affects Palo Alto Networks Cortex XDR agent where improper file signature verification checks may allow bypass of the agent’s executable blocking, enabling execution of untrusted executables on the device. The issue is tied to the Cortex XDR agent application itself and is described...

CVE-2024-5912 Cortex XDR Agent: Improper File Signature Verification Checks

An improper file signature check in Palo Alto Networks Cortex XDR agent may allow an attacker to bypass the Cortex XDR agent's executable blocking capabilities and run untrusted executables on the device. This issue can be leveraged to execute untrusted software without being detected or blocked...

CVE-2024-5912 Cortex XDR Agent: Improper File Signature Verification Checks

An improper file signature check in Palo Alto Networks Cortex XDR agent may allow an attacker to bypass the Cortex XDR agent's executable blocking capabilities and run untrusted executables on the device. This issue can be leveraged to execute untrusted software without being detected or blocked...

Cortex XDR Agent: Improper File Signature Verification Checks

An improper file signature check in Palo Alto Networks Cortex XDR agent may allow an attacker to bypass the Cortex XDR agent's executable blocking capabilities and run untrusted executables on the device. This issue can be leveraged to execute untrusted software without being detected or blocked...

CVE-2024-34692 [CVE-2024-34692] Unrestricted File upload vulnerability in SAP Enable Now

Due to missing verification of file type or content, SAP Enable Now allows an authenticated attacker to upload arbitrary files. These files include executables which might be downloaded and executed by the user which could host malware. On successful exploitation an attacker can cause limited...

PT-2024-26110 · Sap · Sap Enable Now

Name of the Vulnerable Software and Affected Versions: SAP Enable Now affected versions not specified Description: The issue allows an authenticated attacker to upload arbitrary files, including executables, due to missing verification of file type or content. These files might be downloaded and...

ROPDump - A Command-Line Tool Designed To Analyze Binary Executables For Potential Return-Oriented Programming (ROP) Gadgets, Buffer Overflow Vulnerabilities, And Memory Leaks

ROPDump is a tool for analyzing binary executables to identify potential Return-Oriented Programming ROP gadgets, as well as detecting potential buffer overflow and memory leak vulnerabilities. Features Identifies potential ROP gadgets in binary executables. Detects potential buffer overflow...

Startup-SBOM - A Tool To Reverse Engineer And Inspect The RPM And APT Databases To List All The Packages Along With Executables, Service And Versions

This is a simple SBOM utility which aims to provide an insider view on which packages are getting executed. The process and objective is simple we can get a clear perspective view on the packages installed by APT currently working on implementing this for RPM and other package managers. This is...

CVE-2024-3640 Rockwell Automation FactoryTalk® Remote Access™ has Unquoted Executables

An unquoted executable path exists in the Rockwell Automation FactoryTalk® Remote Access™ possibly resulting in remote code execution if exploited. While running the FTRA installer package, the executable path is not properly quoted, which could allow a threat actor to enter a malicious executabl...

CVE-2024-3640 Rockwell Automation FactoryTalk® Remote Access™ has Unquoted Executables

An unquoted executable path exists in the Rockwell Automation FactoryTalk® Remote Access™ possibly resulting in remote code execution if exploited. While running the FTRA installer package, the executable path is not properly quoted, which could allow a threat actor to enter a malicious executabl...

DroidLysis - Property Extractor For Android Apps

DroidLysis is a pre-analysis tool for Android apps: it performs repetitive and boring tasks we'd typically do at the beginning of any reverse engineering. It disassembles the Android sample, organizes output in directories, and searches for suspicious spots in the code to look at. The output help...

EasyRanges 安全漏洞

EasyRanges is a small Julia package from the individual developer Éric Thiébaut. A security vulnerability exists in EasyRanges version 1.41, which stems from an issue with EasyRange that contains search paths for executables, which could lead to loading executables located in the same folder as t...

SUSE CVE-2024-29864

Distrobox before 1.7.0.1 allows attackers to execute arbitrary code via command injection into exported executables...

DEBIAN-CVE-2024-29864

Distrobox before 1.7.0.1 allows attackers to execute arbitrary code via command injection into exported executables...

UBUNTU-CVE-2024-29864

Distrobox before 1.7.0.1 allows attackers to execute arbitrary code via command injection into exported executables...