CVE-2023-34189

Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to...

CVE-2022-36670

PCProtect Endpoint prior to v5.17.470 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable...

IObit Malware Fighter 安全漏洞

IOBit Malware Fighter is a suite of antivirus software for Windows-based platforms from IOBit. The program has anti-malware and virus protection features. A security vulnerability exists in IObit Malware Fighter v9.2, which is caused by allowing an authenticated attacker with administrator...

Iranian APT is targeting Middle Eastern Aerospace and Telecommunications companies

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. ShellClient is a powerful new Remote Access Trojan RAT that was used in highly targeted attacks on a select few Aerospace and Telecommunications firms, primarily in the Middle East, with other victims in the United States,...

OSIsoft PI System (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: OSIsoft Equipment: PI System Vulnerabilities: Uncontrolled Search Path Element, Improper Verification of Cryptographic Signature, Incorrect Default Permissions, Uncaught Exception, Null Pointer...

CVE-2020-6796

A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 73 and Firefox ESR68.5...

Damon Database Override Modification Process Vulnerability

DM7 is a new-generation database product designed by Damon on the basis of summarizing the R&D and application experience of DM series products, absorbing the advantages of mainstream database products, and adopting JAVA-like virtual machine technology. DM7 database has the vulnerability of...

QNX 6.x 'ptrace()' Arbitrary Process Modification Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4919/info The QNX implementation of 'ptrace' is reportedly insecure. An unprivileged process may attach to a setuid program without restriction. Since the attaching process may view or edit memory, an attacker may exploit...

QNX 6.x - 'ptrace()' Arbitrary Process Modification

source: https://www.securityfocus.com/bid/4919/info The QNX implementation of 'ptrace' is reportedly insecure. An unprivileged process may attach to a setuid program without restriction. Since the attaching process may view or edit memory, an attacker may exploit this issue to escalate privileges...

QNX 6.x - ptrace() Arbitrary Process Modification

QNX 6.x - ptrace Arbitrary Process Modification source: https://www.securityfocus.com/bid/4919/info The QNX implementation of 'ptrace' is reportedly insecure. An unprivileged process may attach to a setuid program without restriction. Since the attaching process may view or edit memory, an attack...