SAP 3D Visual Enterprise Viewer Input Validation Error Vulnerability (CNVD-2022-50934)

SAP 3D Visual Enterprise Viewer is a 3D view viewer from SAP Germany. The software supports publishing 2D and 3D scenes in all industry-standard desktop applications and supports separate installations as standalone executables and ActiveX spaces. The vulnerability can be exploited to crash the...

Oracle Linux 8 : shim (ELSA-2022-9465)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9465 advisory. 15.6-1.0.3 - Update shimx64.efi and shimia32.efi signed by Microsoft JIRA: OLDIS-16370 15.6-1.0.2 - Update to shim-unsigned v15.6.rc2 JIRA: OLDIS-16370 15.6-1.0...

one-java-agent 路径遍历漏洞

one-java-agent is to provide plug-in support to unify the management of numerous Java Agent. A security vulnerability exists in all versions of com.alibaba.oneagent:one-java-agent-plugin, which can be exploited by an attacker to overwrite executables and remotely invoke them or wait for the syste...

Oracle Linux 8 : container-tools:2.0 (ELSA-2022-1566)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-1566 advisory. - fixes CVE-2022-27649 podman - fixes CVE-2022-27651 Tenable has extracted the preceding description block directly from the Oracle Linux security...

CVE-2022-22521

In Miele Benchmark Programming Tool with versions Prior to 1.2.71, executable files manipulated by attackers are unknowingly executed with users privileges. An attacker with low privileges may trick a user with administrative privileges to execute these binaries as admin...

CVE-2022-22392

IBM Planning Analytics Local 2.0 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 222066...

Delta Electronics DIAEnergie 安全漏洞

Delta Electronics DIAEnergie is an industrial energy management system used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes, and maximize energy efficiency.An authorization...

CVE-2022-23104

CVE-2022-23104 affects WIN-911 2021 R1 (5.21.10) and R2 (5.21.17); it is a permissions misconfiguration that lets a low-privilege, local attacker write to the Operator Workspace directory (holding DLLs and executables), enabling privilege escalation to the user running the program. The issue is d...

Chain-Reactor - An Open Source Framework For Composing Executables That Simulate Adversary Behaviors And Techniques On Linux Endpoints

Chain Reactor is an open-source tool for testing detection and response coverage on Linux machines. The tool generates executables that simulate sequences of actions like process creation and network connection. Chain Reactor assumes no prior engineering experience; the tool consumes JSON, so...

Trojan.Win32.Cosmu.abix Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/b4638a10f7cfdbf39b9fef7539c63852.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Cosmu.abix Vulnerability: Insecure Permissions Description: The malware writes several ...

CVE-2022-25255

A flaw was found in qt. The vulnerability occurs due to executing binaries from the current directory when the loading path failed, leading to an uncontrolled path element vulnerability. This flaw allows an attacker to execute malicious executables...

Iranian APT MuddyWater targets Turkish users via malicious PDFs, executables

By Asheer Malhotra and Vitor Ventura. Cisco Talos has observed a new campaign targeting Turkish private organizations alongside governmental institutions. Talos attributes this campaign with high confidence to MuddyWater — an APT group recently attributed to Iran's Ministry of Intelligence and...

[SECURITY] Fedora 34 Update: mingw-binutils-2.34-11.fc34

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

[SECURITY] Fedora 34 Update: mingw-binutils-2.34-10.fc34

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

Fedora: Security Advisory for mingw-binutils (FEDORA-2021-3614c0b466)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2021-32497

SICK SOPAS ET before version 4.8.0 allows attackers to wrap any executable file into an SDD and provide this to a SOPAS ET user. When a user starts the emulator the executable is run without further checks...

CVE-2021-44153

An issue was discovered in Reprise RLM 14.2. When editing the license file, it is possible for an admin user to enable an option to run arbitrary executables, as demonstrated by an ISV demo "C:\Windows\System32\calc.exe" entry. An attacker can exploit this to run a malicious binary on startup, or...

Code injection

An issue was discovered in Reprise RLM 14.2. When editing the license file, it is possible for an admin user to enable an option to run arbitrary executables, as demonstrated by an ISV demo "C:\Windows\System32\calc.exe" entry. An attacker can exploit this to run a malicious binary on startup, or...

CVE-2021-44153

An issue was discovered in Reprise RLM 14.2. When editing the license file, it is possible for an admin user to enable an option to run arbitrary executables, as demonstrated by an ISV demo "C:\Windows\System32\calc.exe" entry. An attacker can exploit this to run a malicious binary on startup, or...

CVE-2021-44153

CVE-2021-44153 affects Reprise License Manager (RLM) 14.2. An admin user can enable an option while editing the license file to run arbitrary executables, demonstrated by the ISV entry using calc.exe. An attacker can exploit this to run a malicious binary on startup or when triggering the Reread/...