Ivanti Endpoint Manager Elevation of Privilege Vulnerability

Ivanti Endpoint Manager EPM is a suite of endpoint security managers from Ivanti, USA. An elevation of privilege vulnerability exists in Ivanti Endpoint Manager, which stems from the "LANDeskR Management Agent" service exposing a socket that, once connected, can be used to launch commands only fo...

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2022-2367)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-30121

The “LANDeskR Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed executables. This is a security bug that allows a limited user to get escalated admin privileges on their system...

CVE-2022-30121

The “LANDeskR Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed executables. This is a security bug that allows a limited user to get escalated admin privileges on their system...

CVE-2022-31322

Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to escalate privileges via overwriting files using SUID flagged executables...

Code injection

Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to escalate privileges via overwriting files using SUID flagged executables...

CVE-2022-31322

Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to escalate privileges via overwriting files using SUID flagged executables...

CVE-2022-31322

The CVE-2022-31322 entry affects Penta Security Systems’ WAPPLES, specifically version 6.0 r3 with 4.10-hotfix1. The vulnerability allows privilege escalation by overwriting files using SUID-enabled executables. Root cause and affected component: SUID flagged executables enabling local privilege ...

PT-2022-20686 · Penta Security Systems Inc · Wapples

Name of the Vulnerable Software and Affected Versions: Penta Security Systems Inc WAPPLES version 6.0 r3 4.10-hotfix1 Description: The issue allows attackers to escalate privileges via overwriting files using SUID flagged executables. Recommendations: For Penta Security Systems Inc WAPPLES versio...

Default configuration

GoCD is a continuous delivery server. Windows installations via either the server or agent installers for GoCD prior to 22.2.0 do not adequately restrict permissions when installing outside of the default location. This could allow a malicious user with local access to the server GoCD Server or...

UBUNTU-CVE-2020-27802

An floating point exception was discovered in the elflookup function in plxelf.cpp in UPX 4.0.0 via a crafted Mach-O file...

Ropr - A Blazing Fast Multithreaded ROP Gadget Finder. Ropper / Ropgadget Alternative

ropr is a blazing fast multithreaded ROP Gadget finder What is a ROP Gadget? ROP Return Oriented Programming Gadgets are small snippets of a few assembly instructions typically ending in a ret instruction which already exist as executable code within each binary or library. These gadgets may be...

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2022-2235)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2022-2280)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Malicious Package

Overview plutos is a malicious package. This is one of 12 malicious packages created by the same actor and discovered by Snyk. It downloads and executes malicious exe files containing malicious code that attempts to steal information from Google Chrome, tokens from Discord, and Injects a Discord...

Backdoor.Win32.Bushtrommel.122 MVID-2022-0629 Authentication Bypass

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/76c09bc82984c7f7ef55eb13018e0d87.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Bushtrommel.122 Vulnerability: Authentication Bypass Description: The malwa...

Fortinet FortiManager 安全漏洞

Fortinet FortiManager is a centralized network security management platform from Fortinet. The platform supports centralized management of any number of Fortinet devices, and the ability to group devices into different management domains ADOM to further simplify multi-device security deployment a...

Researchers Warn of 'Matanbuchus' Malware Campaign Dropping Cobalt Strike Beacons

A malware-as-a-service Maas dubbed Matanbuchus has been observed spreading through phishing campaigns, ultimately dropping the Cobalt Strike post-exploitation framework on compromised machines. Matanbuchus, like other malware loaders such as BazarLoader, Bumblebee, and Colibri, is engineered to...

Malicious Package

Overview executables.handler is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Note: This malicious package was uncovered by o...

Malicious code in executables.handler (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 233eb3c50929cda5689293f8614290857aafb5ee836aaa5fedcc97d5d37377b9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...