CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2021/05/06 1:15 p.m.•3 views

CVE-2021-1430

Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. A successful exploit could allow the attacker to execut...

7.8CVSS6.2AI score0.00234EPSS

Exploits0References1

Packet Storm•added 2021/05/06 12:0 a.m.•350 views

Backdoor.Win32.Floder.gqe Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/0629e3b2ab8a973a3e37e4e97cb9cfea.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Floder.gqe Vulnerability: Insecure Permissions Description: The malware creates an...

Kitploit•added 2021/05/03 9:30 p.m.•63 views

Evasor - A Tool To Be Used In Post Exploitation Phase For Blue And Red Teams To Bypass APPLICATIONCONTROL Policies

The Evasor is an automated security assessment tool which locates existing executables on the Windows operating system that can be used to bypass any Application Control rules. It is very easy to use, quick, saves time and fully automated which generates for you a report including description,...

7.6AI score

Exploits0References3

Packet Storm•added 2021/04/28 12:0 a.m.•511 views

Trojan-Dropper.Win32.Dycler.vrp Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/1d6d6d3c077250b7b3ad053e71054ecc.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Dycler.vrp Vulnerability: Insecure Permissions Description: The malware creates...

OpenVAS•added 2021/04/25 12:0 a.m.•21 views

Fedora: Security Advisory for mingw-binutils (FEDORA-2021-7ca24ddc86)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.3AI score

Fedora•added 2021/04/24 8:24 p.m.•72 views

[SECURITY] Fedora 34 Update: mingw-binutils-2.34-8.fc34

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

7AI score

OpenVAS•added 2021/04/23 12:0 a.m.•17 views

Fedora: Security Advisory for mingw-binutils (FEDORA-2021-d23d016509)

6.3AI score

OpenVAS•added 2021/04/23 12:0 a.m.•29 views

Fedora: Security Advisory for mingw-binutils (FEDORA-2021-9bd201dd4d)

6.3AI score

Packet Storm•added 2021/04/22 12:0 a.m.•354 views

Trojan-Dropper.Win32.Agent.xtp Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/360bbc9e0926488f085029948ff6c759.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Agent.xtp Vulnerability: Insecure Permissions Description: The malware creates ...

Fedora•added 2021/04/21 9:41 p.m.•60 views

[SECURITY] Fedora 33 Update: mingw-binutils-2.34-8.fc33

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

4.5AI score

Securelist•added 2021/04/21 10:0 a.m.•52 views

Targeted Malware Reverse Engineering Workshop follow-up. Part 2

If you have read our previous blogpost "Targeted Malware Reverse Engineering Workshop follow-up. Part 1", you probably know about the webinar we conducted on April 8, 2021, with Kaspersky GReATs Ivan Kwiatkowski and Denis Legezo, to share best practices in reverse engineering and demonstrate...

6.9AI score

Fedora•added 2021/04/20 3:1 p.m.•42 views

[SECURITY] Fedora 32 Update: mingw-binutils-2.32-10.fc32

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

4.5AI score

OSV•added 2021/04/16 11:15 a.m.•14 views

CVE-2021-22539

An attacker can place a crafted JSON config file into the project folder pointing to a custom executable. VScode-bazel allows the workspace path to lint .bzl files to be set via this config file. As such the attacker is able to execute any executable on the system through vscode-bazel. We recomme...

7.8CVSS6.9AI score

Prion•added 2021/04/14 3:15 p.m.•18 views

Improper access control

An issue was discovered in Orchard before 1.10. A broken access control issue in Orchard components that use the TinyMCE HTML editor's file upload allows an attacker to upload dangerous executables that bypass the file types allowed regardless of the file types allowed list in Media settings...

7.5CVSS9.3AI score0.0218EPSS

Exploits2References2Affected Software1

CVE•added 2021/04/14 2:23 p.m.•49 views

CVE-2020-29592

The vulnerability CVE-2020-29592 affects Orchard before 1.10. A broken access control issue in Orchard components that use the TinyMCE HTML editor’s file upload allows uploading dangerous executables that bypass the file types allowed list in Media settings. This can lead to arbitrary code execut...

9.8CVSS9.3AI score0.0218EPSS

Exploits2References2Affected Software1

Cvelist•added 2021/04/14 2:23 p.m.•39 views

CVE-2020-29592

9.4AI score0.0218EPSS

Exploits2References2

Packet Storm•added 2021/04/01 12:0 a.m.•360 views

Trojan-Downloader.Win32.Delf.nzg Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/3c5c6f0f6f78af12d6b76119696a4074.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Downloader.Win32.Delf.nzg Vulnerability: Insecure Permissions Description: Win32.Delf.nzg...

Packet Storm•added 2021/03/25 12:0 a.m.•699 views

Backdoor.Win32.DarkKomet.gozu Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/00199eb3fd1a0aa6771b7f12fad895a0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkKomet.gozu Vulnerability: Insecure Permissions Description: Creates a hidden dir...