Open the wrong “PDF” and attackers gain remote access to your PC

Cybercriminals behind a campaign dubbed DEADVAX are taking phishing one step further by delivering malware inside virtual hard disks that pretend to be ordinary PDF documents. Open the wrong “invoice” or “purchase order” and you won't see a document at all. Instead, Windows mounts a virtual drive...

DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files

Threat hunters have disclosed details of a new, stealthy malware campaign dubbed DEADVAX that employs a mix of "disciplined tradecraft and clever abuse of legitimate system features" to bypass traditional detection mechanisms and deploy a remote access trojan RAT known as AsyncRAT. "The attack...

EUVD-1999-1306

Malware in sbrugna...

EUVD-2007-0143

Malware in sbrugna...

EUVD-2000-0156

Malware in sbrugna...

Denial Of Service (DoS)

radare2 is vulnerable to Denial of Service DoS attacks. The vulnerability exists in the vaxopfunction function in the radare2 codebase. The function is responsible for parsing and decoding VAX instructions. The vulnerability occurs when the function fails to properly check the size of a buffer...

PT-2023-12932 · Radare2 · Radare2

Name of the Vulnerable Software and Affected Versions: radare2 versions 5.4.0 through 5.4.2 Description: A heap buffer overflow issue exists in the vax opfunction of radare2. Recommendations: For versions 5.4.0 through 5.4.2, at the moment, there is no information about a newer version that...

Anti-vaxxer dating site exposes user data

An anti-vax dating site has been revealed as shockingly easy to compromise by security researchers. Many major aspects of the site, from membership subscriptions to support tickets, were found to be vulnerable. The site, called Unjected, has been around since last year. It functions as a sort of...

Spoofing Bug Highlights Cybersecurity for Digital Vaccine Passports

Three weeks after an independent researcher found a critical bug in the Services Australia COVID-19 digital vaccine certificate that would allow an attacker to falsify someone’s vaccine status, it still hasn’t been fixed. Researcher Richard Nelson looked into the security behind a new digital...

Telegram Fraudsters Ramp Up Forged COVID-19 Vaccine Card Sales

Telegram groups are being abused by fraudsters peddling fake COVID-19 vaccination cards to the unvaccinated and anti-vaxxer communities, according to researchers. Brittany Allen, trust and safety architect at Sift, noticed the illicit sales on the encrypted messaging platform as the COVID-19...

Morris Worm - fingerd Stack Buffer Overflow (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Morris Worm fingerd Stack Buffer Overflow', 'Description' = %q This module exploits a stack buffer overflow in fingerd on 4.3BSD. This...

Morris Worm fingerd Stack Buffer Overflow Exploit

This Metasploit module exploits a stack buffer overflow in fingerd on 4.3BSD. This vulnerability was exploited by the Morris worm in 1988-11-02. Cliff Stoll reports on the worm in the epilogue of The Cuckoo's Egg. This module requires Metasploit: https://metasploit.com/download Current source:...

CVE-2017-17482

An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is...

CVE-2017-17482

An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is...

Buffer overflow

An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is...

CVE-2017-17482

An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is...

CVE-2017-17482

An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is...

BSD 4.2 fingerd buffer overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2/info fingerd is a remote user information server that implements the protocol defined in RFC742. There exists a buffer overflow in finderd that allows a remote attacker to execute any local binaries. finderd reads input...

VUPlayer buffer overflow

Buffer overflow on .ASX / .VAX files parsing...

The invasion of Spy satellite system technologies-vulnerability warning-the black bar safety net

VAX: VAX stands for Virtual Address Extension. The VAX computer is due to hardware limitations, is designed to store the address, so that it can be a simple operation to some great adapted to store the program. The VAX computer system is the DESDigital Equipment CorporationCompany design...