
3037 matches found

Prion
added 2020/03/25 5:15 p.m., 14 views

Code injection

DevActSvc.exe in ASUS Device Activation before 1.0.7.0 for Windows 10 notebooks and PCs could lead to unsigned code execution with no additional restrictions when a user puts an application at a particular path with a particular file name...

7.2 CVSS, 7.8 AI score, 0.00576 EPSS
Exploits 1, References 4, Affected Software 1

Cvelist
added 2020/03/25 4:10 p.m., 10 views

CVE-2020-10649

DevActSvc.exe in ASUS Device Activation before 1.0.7.0 for Windows 10 notebooks and PCs could lead to unsigned code execution with no additional restrictions when a user puts an application at a particular path with a particular file name...

7.8 AI score, 0.00576 EPSS
Exploits 1, References 4

Gitee
added 2020/03/13 8:44 p.m., 4 views

welpwn

This is an exploit module for a vulnerability in a binary, targeting a heap-based overflow in a baby heap implementation. The exploit is designed to execute a shell on the vulnerable system. The exploit uses a combination of alloc, show, and delete functions to manipulate the heap and create a...

7.5 AI score
Exploits 0

Tenable Nessus
added 2020/03/13 12:0 a.m., 30 views

Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability

According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability that could result in the loading of unsigned firmware on boot. An authenticated attacker could exploit this flaw to load malicious firmware onto the device. cisco-sa-20190925-iosxe-digsig-bypass TRUSTED...

7.2 CVSS, 6.6 AI score, 0.00237 EPSS
Exploits 0, References 5

OSV
added 2020/02/27 1:18 p.m., 5 views

OPENSUSE-SU-2020:0250-1 Security update for enigmail

This update for enigmail fixes the following issues: enigmail was updated to 2.1.5: Security issue: unsigned MIME parts displayed as signed (bsc#1159973); Ensure that upgrading GnuPG 2.0.x to 2.2.x upgrade converts keyring format; Make Enigmail Compatible with Protected-Headers spec, draft 2; enigmail...

7 AI score
Exploits 0, References 2

OSV
added 2020/02/24 3:15 p.m., 2 views

CVE-2019-18183

pacman before 5.2 is vulnerable to arbitrary command injection in lib/libalpm/sync.c in the apply_deltas function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable the non-default delta feature and retrieve an attacker-controlled crafted...

9.8 CVSS, 5.8 AI score, 0.03672 EPSS
Exploits 1, References 6

NVD
added 2020/02/24 3:15 p.m., 20 views

CVE-2019-18183

pacman before 5.2 is vulnerable to arbitrary command injection in lib/libalpm/sync.c in the apply_deltas function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable the non-default delta feature and retrieve an attacker-controlled crafted...

9.8 CVSS, 9.7 AI score, 0.03672 EPSS
Exploits 1, References 6

NVD
added 2020/02/24 3:15 p.m., 15 views

CVE-2019-18182

pacman before 5.2 is vulnerable to arbitrary command injection in conf.c in the download_with_xfercommand function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable a non-default XferCommand and retrieve an attacker-controlled crafted databa...

9.8 CVSS, 9.7 AI score, 0.03672 EPSS
Exploits 1, References 6

OSV
added 2020/02/24 3:15 p.m., 3 views

CVE-2019-18182

pacman before 5.2 is vulnerable to arbitrary command injection in conf.c in the download_with_xfercommand function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable a non-default XferCommand and retrieve an attacker-controlled crafted databa...

9.8 CVSS, 5.8 AI score, 0.03672 EPSS
Exploits 1, References 6

Prion
added 2020/02/24 3:15 p.m., 16 views

Command injection

pacman before 5.2 is vulnerable to arbitrary command injection in conf.c in the download_with_xfercommand function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable a non-default XferCommand and retrieve an attacker-controlled crafted databa...

6.8 CVSS, 9.6 AI score, 0.03672 EPSS
Exploits 1, References 6, Affected Software 2

Prion
added 2020/02/24 3:15 p.m., 15 views

Command injection

pacman before 5.2 is vulnerable to arbitrary command injection in lib/libalpm/sync.c in the apply_deltas function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable the non-default delta feature and retrieve an attacker-controlled crafted...

6.8 CVSS, 9.6 AI score, 0.03672 EPSS
Exploits 1, References 6, Affected Software 2

Cvelist
added 2020/02/24 2:38 p.m., 64 views

CVE-2019-18182

pacman before 5.2 is vulnerable to arbitrary command injection in conf.c in the download_with_xfercommand function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable a non-default XferCommand and retrieve an attacker-controlled crafted databa...

9.6 AI score, 0.03672 EPSS
Exploits 1, References 6

AlpineLinux
added 2020/02/24 2:38 p.m., 25 views

CVE-2019-18182

pacman before 5.2 is vulnerable to arbitrary command injection in conf.c in the download_with_xfercommand function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable a non-default XferCommand and retrieve an attacker-controlled crafted databa...

9.8 CVSS, 9.7 AI score, 0.03672 EPSS
Exploits 1

RedhatCVE
added 2020/02/20 8:1 p.m., 37 views

CVE-2018-6323

The elf_object_p function in elfcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, has an unsigned integer overflow because bfd_size_type multiplication is not used. A crafted ELF file allows remote attackers to cause a denial of service application...

7.8 CVSS, 5.9 AI score, 0.05944 EPSS
Exploits 5, References 1

OSV
added 2020/02/19 9:21 a.m., 4 views

SUSE-SU-2020:0413-1 Security update for enigmail

This update for enigmail fixes the following issues: enigmail was updated to 2.1.5: Security issue: unsigned MIME parts displayed as signed (bsc#1159973); Ensure that upgrading GnuPG 2.0.x to 2.2.x upgrade converts keyring format; Make Enigmail Compatible with Protected-Headers spec, draft 2; enigmail...

7.1 AI score
Exploits 0, References 2

ThreatPost
added 2020/02/18 11:0 a.m., 197 views

Lenovo, HP, Dell Peripherals Face Unpatched Firmware Bugs

Fresh firmware vulnerabilities in Wi-Fi adapters, USB hubs, trackpads and cameras are putting millions of peripheral devices in danger of a range of cyberattacks, according to research from Eclypsium. TouchPad and TrackPoint firmware in Lenovo Laptops, HP Wide Vision FHD camera firmware in HP...

9.9 AI score, 0.26869 EPSS
Exploits 0, References 5

Hewlett-Packard
added 2020/02/18 12:0 a.m., 30 views

HPSBHF03654 rev. 2 - HP Wide Vision FHD Camera Firmware Security Update

Potential Security Impact: Arbitrary Code Execution, Denial of Service. Source: HP, HP Product Security Response Team (PSRT). Reported by: Rick Altherr of Eclypsium. VULNERABILITY SUMMARY: Potential security vulnerabilities in the HP Wide Vision FHD Camera firmware may allow the ability to update the...

2 AI score
Exploits 0

Positive Technologies
added 2020/02/17 12:0 a.m., 2 views

PT-2020-6878 · Abb +1 · Abb Esoms +1

Name of the Vulnerable Software and Affected Versions: ABB eSOMS versions 4.0 to 6.0.3. Description: The issue is related to the ASP.NET Viewstate component of the ABB eSOMS software, which lacks authentication for a critical function. This could allow a remote attacker to disclose protected...

3.5 CVSS, 4.1 AI score, 0.00825 EPSS
Exploits 0, References 6

ATTACKERKB
added 2020/02/13 12:0 a.m., 24 views

Two kernel-mode type-confusion / memory-corruption vulnerabilities in win32k!xxxRemoteReconnect

The Windows Kernel is subject to two related kernel-mode type-confusion vulnerabilities inside win32k!xxxRemoteReconnect. In both cases, a user-mode parameter passed to the syscall is incorrectly resolved to its underlying kernel representation via ObReferenceObjectByHandle passing NULL as the...

3.2 AI score
Exploits 0, References 1

OSV
added 2020/01/30 6:15 p.m., 1 views

CVE-2020-7906

In JetBrains Rider versions 2019.3 EAP2 through 2019.3 EAP7, there were unsigned binaries provided by the Windows installer. This issue was fixed in release version 2019.3...

7.5 CVSS, 7.1 AI score, 0.00673 EPSS
Exploits 0, References 2