CVE-2023-29502

Before importing a project into Vuforia, a user could modify the “resourceDirectory” attribute in the appConfig.json file to be a different path...

EUVD-2023-33069

Malicious code in bioql PyPI...

CVE-2023-29502

Before importing a project into Vuforia, a user could modify the “resourceDirectory” attribute in the appConfig.json file to be a different path...

CVE-2023-29502 PTC Vuforia Studio Path Traversal

Before importing a project into Vuforia, a user could modify the “resourceDirectory” attribute in the appConfig.json file to be a different path...

PT-2023-22285 · Ptc · Vuforia

Name of the Vulnerable Software and Affected Versions: Vuforia affected versions not specified Description: A user could modify the resourceDirectory attribute in the appConfig.json file to be a different path before importing a project into Vuforia. Recommendations: At the moment, there is no...

Microsoft Windows KERNELBASE Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

GHSA-R28M-G6J9-R2H5 Information Exposure vulnerability in Eclipse Jetty

In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory contents. This information reveal is restricted t...

Delphi Packer Looks for Human Behavior Before Deploying Payload

As bad actors continue to innovate in the area of sandbox evasion, the use of the Delphi programming language to pack malware code has become more and more prevalent. Researchers recently observed several spam campaigns using a specific packer written in Delphi that goes to great lengths to hunt...

Jenkins Plugin Resources Directory Traversal (CVE-2018-6356)

A directory traversal vulnerability exists in Jenkins. The vulnerability is due to insufficient input validation of a request parameter in HTTP requests to the plugin resource directory...

Trusted-Directory Bypass via Path Traversal

Smarty Trusted-Directory Bypass via Path Traversal\nVulnerability Overview\nSmarty 3.1.32 or below is prone to a path traversal vulnerability due\nto insufficient sanitization of code in Smarty templates. This allows\nattackers controlling the Smarty template to bypass the trusted\ndirectory...

PEframe - Tool to perform static analysis on Portable Executable malware

PEframe is a open source tool to perform static analysis on Portable Executable malware. Usage $ peframe malware.exe $ peframe --option malware.exe Options --json Output in json --import Imported function and dll --export Exported function and dll --dir-import Import directory --dir-export Export...