274 matches found
CVE-2021-39664
In LoadedPackage::Load of LoadedArsc.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure when parsing an APK file with no additional execution privileges needed. User interaction is needed for exploitation.Product:...
CVE-2021-39664
In LoadedPackage::Load of LoadedArsc.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure when parsing an APK file with no additional execution privileges needed. User interaction is needed for exploitation.Product:...
GO-2021-0263 Panic on invalid symbol tables in debug/macho
Calling File.ImportedSymbols on a loaded file which contains an invalid dynamic symbol table command can cause a panic, in particular if the encoded number of undefined symbols is larger than the number of symbols in the symbol table...
opencryptoki bug fix and enhancement update
The opencryptoki packages contain version 2.11 of the PKCS11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic CoProcessor with the PKCS11 firmware loaded, the IBM eServer Cryptographic Accelerator FC 4960 ...
The software for Cisco Webex Meetings Server, Cisco Webex Meetings Desktop App, and Cisco Webex Teams – a collaboration tool for Windows operating systems – has vulnerabilities related to errors in the path validation mechanism for dynamically loaded libraries. This allows attackers to execute arbitrary code.
The vulnerability of Cisco Webex Meetings Server, Cisco Webex Meetings Desktop App, and Cisco Webex Teams for Windows operating systems relates to errors in the mechanism for checking paths to dynamically loaded libraries. Exploiting this vulnerability allows an attacker to execute arbitrary code...
CVE-2021-25467
Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allows privilege escalation to Root by hijacking loaded library...
CVE-2021-25467
Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allows privilege escalation to Root by hijacking loaded library...
GhostEmperor: From ProxyLogon to kernel mode
Download GhostEmperors technical details PDF While investigating a recent rise of attacks against Exchange servers, we noticed a recurring cluster of activity that appeared in several distinct compromised networks. This cluster stood out for its usage of a formerly unknown Windows kernel mode...
CVE-2021-41106
JWT is a library to work with JSON Web Token and JSON Web Signature. Prior to versions 3.4.6, 4.0.4, and 4.1.5, users of HMAC-based algorithms HS256, HS384, and HS512 combined with Lcobucci\JWT\Signer\Key\LocalFileReference as key are having their tokens issued/validated using the file path as...
Dr.Web Firewall 代码问题漏洞
Dr.Web Firewall is a network firewall from the Russian company Dr.Web. A code issue vulnerability exists in Dr.Web Firewall that originates from Dr.Web Firewall 12.5.2.4160 on Windows incorrectly restricts applications signed by Dr.Web. A custom loaded DLL in a legitimate binary e.g. frwlsvc.exe...
FindObjects-BOF - A Cobalt Strike Beacon Object File (BOF) Project Which Uses Direct System Calls To Enumerate Processes For Specific Loaded Modules Or Process Handles
A Cobalt Strike Beacon Object File BOF project which uses direct system calls to enumerate processes for specific modules or process handles. What is this repository for? Use direct systems calls within Beacon Object files to enumerate processes for specific loaded modules e.g. winhttp.dll,...
McAfee Agent 5.x prior to 5.7.3 Multiple Vulnerabilities (SB10362)
The version of McAfee Agent, formerly McAfee ePolicy Orchestrator ePO Agent, installed on the remote host is 5.x prior to 5.7.3. It is, therefore, affected by the following vulnerabilities: - An improper privilege management vulnerability exists due to a local user having the ability to edit the...
Remote Code Execution
xstream is vulnerable to remote code execution. The vulnerability exists due to an uncontrolled process references on enum types at deserialization, allowing an attacker to manipulate the processed input stream and replace or inject objects, that result in execution of arbitrary code loaded from ...
SharpEDRChecker - Checks Running Processes, Process Metadata, DLLs Loaded Into Your Current Process And The Each DLLs Metadata, Common Inst all Directories, Installed Services And Each Service Binaries Metadata, Installed Drivers And Each Drivers Metadata, All For The Presence Of Known Defensive Products Such As AV's, EDR's And Logging Tools
New and improved C Implementation of Invoke-EDRChecker. Checks running processes, process metadata, Dlls loaded into your current process and each DLLs metadata, common install directories, installed services and each service binaries metadata, installed drivers and each drivers metadata, all for...
Microsoft Spooler Local Privilege Elevation Vulnerability
This exploit leverages a file write vulnerability in the print spooler service which will restart if stopped. Because the service cannot be stopped long enough to remove the dll, there is no way to remove the dll once it is loaded by the service. Essentially, on default settings, this module adds...
Oppo Backup and Oppo Restore Security Vulnerabilities
OPPO Guangdong Mobile Communications Oppo Backup is a backup service for devices from OPPO Guangdong Mobile Communications, China.OPPO Guangdong Mobile Communications Oppo Restore is a recovery service for devices from OPPO Guangdong Mobile Communications, China. A security vulnerability exists i...
CVE-2020-11201
Arbitrary access to DSP memory due to improper check in loaded library for data received from CPU side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P,...
Input validation
Arbitrary access to DSP memory due to improper check in loaded library for data received from CPU side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P,...
CVE-2020-11201
CVE-2020-11201 targets Qualcomm Snapdragon systems with DSP/Hexagon components. The issue arises from an improper check in a loaded library used for data flowing from the CPU to the DSP, affecting Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, and Mobile families (e.g., QCM6125, QCS410/6...
CVE-2020-5144
SonicWall Global VPN client version 4.10.4.0314 and earlier allows unprivileged windows user to elevate privileges to SYSTEM through loaded process hijacking vulnerability...