CVE-2021-31854
A command injection vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local users to inject arbitrary shell code into the file cleanup.exe. The malicious clean.exe file is placed into the relevant folder and executed by running the McAfee Agent deployment feature located in the...
Mcafee McAfee Agent OS Command Injection Vulnerability
McAfee Agent (MA) is a set of client components from McAfee, Inc. that provides secure communications between ePolicy Orchestrator (the antivirus management platform) and managed products. A security vulnerability exists in the McAfee Agent that originates from allowing a local user to...
Exploit for Race Condition in Canonical Ubuntu_Linux
This is a PoC (Proof of Concept) exploit for CVE-2016-5195, also known as Dirty COW. The exploit relies on ptrace to patch the vDSO (Virtual Dynamic Shared Object) and create a TCP reverse shell to the attacker's machine. The target of the exploit is the Linux kernel, and the vulnerability class is a...
PT-2022-1429 · Mcafee · Mcafee Agent
Name of the Vulnerable Software and Affected Versions: McAfee Agent for Windows versions prior to 5.7.5. Description: A command injection issue allows local users to inject arbitrary shell code into the file cleanup.exe. The malicious clean.exe file is placed into the relevant folder and executed ...
reFlutter - Flutter Reverse Engineering Framework
This framework helps with reverse engineering Flutter apps using a patched version of the Flutter library that is already compiled and ready for app repacking. The library's snapshot deserialization process is modified to allow you to perform dynamic analysis in a convenient way. Key features:...
Exploit for CVE-2021-28476
CVE-2021-28476: Hyper-V vmswitch.sys arbitrary pointer derefer...
AlphaGolang - IDAPython Scripts For Analyzing Golang Binaries
AlphaGolang is a collection of IDAPython scripts to help malware reverse engineers master Go binaries. The idea is to break the scripts into concrete steps, thus avoiding brittle monolithic scripts, and mimicking the methodology an analyst might follow when tackling a Go binary. Scripts are...
Researchers Decrypted Qakbot Banking Trojan's Encrypted Registry Keys
Cybersecurity researchers have decoded the mechanism by which the versatile Qakbot banking trojan handles the insertion of encrypted configuration data into the Windows Registry. Qakbot, also known as QBot, QuackBot and Pinkslipbot, has been observed in the wild since 2007. Although mainly...
Directory traversal
Bytecode Viewer (BCV) is a Java/Android reverse engineering suite. Versions of the package prior to 2.11.0 are vulnerable to Arbitrary File Write via Archive Extraction (AKA "Zip Slip"). The vulnerability is exploited using a specially crafted archive that holds directory traversal filenames e.g...
CVE-2022-21675 Bytecode Viewer v2.10.x Zip Slip
Bytecode Viewer (BCV) is a Java/Android reverse engineering suite. Versions of the package prior to 2.11.0 are vulnerable to Arbitrary File Write via Archive Extraction (AKA "Zip Slip"). The vulnerability is exploited using a specially crafted archive that holds directory traversal filenames e.g...
CVE-2022-21675
BCV (Bytecode Viewer) versions prior to 2.11.0 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip). A crafted archive with directory traversal filenames (e.g., ../../evil.exe) can overwrite files across formats such as zip, jar, tar, war, cpio, apk, rar, 7z, enabling file ove...
Exploit for Unrestricted Upload of File with Dangerous Type in Embedthis Goahead
CVE-2021-42342 CVE-2021-42342 RCE POC1:just prints c in...
Exploit for OS Command Injection in Gerapy
CVE-2021-43857 Gerapy prior to version 0.9.8 is vulnerable to...
CLSA-2021-1640697114 Fix CVE(s): CVE-2021-44224, CVE-2021-44970
SECURITY UPDATE: buffer overflow in the mod_lua multipart parser - debian/patches/CVE-2021-44970.patch: add test to prevent integer overflow in reqparsebody - CVE-2021-44970 SECURITY UPDATE: null pointer dereference in reverse proxy module - debian/patches/CVE-2021-44224.patch: add tests for retur...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
Log4jUnifi Exploiting CVE-2021-44228 in Unifi Network Applicat...
OESA-2021-1470 grafana security update
Metrics dashboard and graph editor. Security Fixes: Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope,...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
Log4j Simple Exploit A Proof-Of-Concept Exploit for CVE-202...
Apache 2.4.x >= 2.4.7 / < 2.4.52 Forward Proxy DoS / SSRF
The version of Apache httpd installed on the remote host is equal to or greater than 2.4.7 and prior to 2.4.52. It is, therefore, affected by a flaw related to acting as a forward proxy. A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
Log4PowerShell CVE-2021-44228 Proof of Concept A Proof-Of-C...