21 matches found
Malicious File Parsing
@finos/git-proxy is vulnerable to malicious file parsing. The vulnerability is due to improper PACK signature detection in parsePush.ts, which allows an attacker to embed misleading signatures in commit content and craft packet structures to bypass approval or hide commits...
CVE-2025-54584
GitProxy is an application that stands between developers and a Git remote endpoint e.g., github.com. In versions 1.19.1 and below, an attacker can craft a malicious Git packfile to exploit the PACK signature detection in the parsePush.ts file. By embedding a misleading PACK signature within comm...
CVE-2025-54584
GitProxy is an application that stands between developers and a Git remote endpoint e.g., github.com. In versions 1.19.1 and below, an attacker can craft a malicious Git packfile to exploit the PACK signature detection in the parsePush.ts file. By embedding a misleading PACK signature within comm...
CVE-2025-54584 GitProxy is vulnerable to a packfile parsing exploit
GitProxy is an application that stands between developers and a Git remote endpoint e.g., github.com. In versions 1.19.1 and below, an attacker can craft a malicious Git packfile to exploit the PACK signature detection in the parsePush.ts file. By embedding a misleading PACK signature within comm...
Bytesrevealer - Online Reverse Enginerring Viewer
Bytes Revealer is a powerful reverse engineering and binary analysis tool designed for security researchers, forensic analysts, and developers. With features like hex view, visual representation, string extraction, entropy calculation, and file signature detection, it helps users uncover hidden...
EINSTEIN Data Trends – 30-day Lookback
Summary Cybersecurity and Infrastructure Security Agency CISA analysts have compiled the top detection signatures that have been the most active over the month of May in our national Intrusion Detection System IDS, known as EINSTEIN. This information is meant to give the reader a closer look into...
CVE-2019-1010279
Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of Service - TCP/HTTP detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed sequence of network packets. The component is: detect.c...
Latest Bypassing Techniques Beats SOAP/XML API Protection
Latest Bypassing Techniques Beat SOAP/XML API Protection It is impossible to protect APIs unless you take a deep dive into the protocols implemented over the standard HTTP. Most security tools are not protecting data where it’s most vulnerable, inside the XML schema itself. These encoding attacks...
VMware Workstation and Fusion Privilege Vulnerability
VMware Fusion is a suite of virtual machine software from VMware, Inc. designed to run Windows applications on Macs. A security vulnerability exists in VMware Fusion versions 10.x prior to 10.1.2. A local attacker could exploit this vulnerability to bypass signature detection and gain elevated...
Ursnif Trojan Adopts New Code Injection Technique
Hackers are testing a new variation of the Ursnif Trojan aimed at Australian bank customers that utilizes novel code injection techniques. Since the summer of 2017, IBM X-Force researchers report that Ursnif or Gozi samples have been tested in wild by a new malware developer. The samples are a...
Response Operation Collection Kit: ROCK NSM
MOCYBER’s open source Network Security Monitoring platform ROCK is a collections platform, in the spirit of Network Security Monitoring, designed by members of the Missouri National Guard’s Cyber Team. It’s primary focus is to provide a robust, scalable sensor platform for both enduring security...
PT-2012-1390 · Pc Tools · Threatfire
Name of the Vulnerable Software and Affected Versions: ThreatFire version 4.7.0.17 Description: A race condition issue allows local users to bypass kernel-mode hook handlers and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detectio...
PT-2012-1381 · Tallemu · Online Armor Premium
Name of the Vulnerable Software and Affected Versions: Online Armor Premium version 4.0.0.35 Description: A race condition in Online Armor Premium on Windows XP allows local users to bypass kernel-mode hook handlers and execute dangerous code that would otherwise be blocked by a handler but not...
PT-2012-1376 · Kingsoft · Kingsoft Personal Firewall 9 Plus
Name of the Vulnerable Software and Affected Versions: KingSoft Personal Firewall 9 Plus version 2009.05.07.70 Description: A race condition in the software allows local users to bypass kernel-mode hook handlers and execute dangerous code that would otherwise be blocked by a handler but not block...
Generic Credit Card Signature Detection
Binary data 5851.prm...
Generic Credit Card Signature Detection
Binary data 5854.prm...
Generic Social Security Signature Detection (deprecated)
Binary data 5858.prm...
Generic Credit Card Signature Detection
Binary data 5847.prm...
Generic Credit Card Signature Detection
Binary data 5852.prm...
Generic Credit Card Signature Detection
Binary data 5848.prm...