Lucene search
+L

154 matches found

Vulnrichment
Vulnrichment
added 2024/10/08 5:36 p.m.29 views

CVE-2024-43590 Visual C++ Redistributable Installer Elevation of Privilege Vulnerability

...

7.8CVSS7.2AI score0.0043EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/08 5:36 p.m.60 views

CVE-2024-43590 Visual C++ Redistributable Installer Elevation of Privilege Vulnerability

...

7.8CVSS0.0043EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/08 12:0 a.m.7 views

Microsoft Visual C++ Redistributable Installer 访问控制错误漏洞

Microsoft Visual C++ Redistributable Installer is an installer from Microsoft Corporation USA that is used to install the Microsoft C and C++ MSVC runtime libraries on a user's computer. An access control error vulnerability exists in Microsoft Visual C++ Redistributable Installer. An attacker...

7.8CVSS6.4AI score0.0043EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/10/08 12:0 a.m.6 views

PT-2024-6836

Name of the Vulnerable Software and Affected Versions Visual C++ Redistributable Installer affected versions not specified Description The issue is related to insufficient access restrictions in the Visual C++ Redistributable Installer, which is part of the Microsoft Visual Studio development...

7.8CVSS7AI score0.0043EPSS
Exploits0References10
Kaspersky
Kaspersky
added 2024/10/08 12:0 a.m.75 views

KLA73906 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Visual C++...

9.8CVSS9.2AI score0.03052EPSS
Exploits0References34
OSV
OSV
added 2024/01/17 8:22 p.m.5 views

CVE-2024-22410 Binary Planting Attack on Windows Platforms in Creditcoin

Creditcoin is a network that enables cross-blockchain credit transactions. The Windows binary of the Creditcoin node loads a suite of DLLs provided by Microsoft at startup. If a malicious user has access to overwrite the program files directory it is possible to replace these DLLs and execute...

3.3CVSS7.3AI score0.00219EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/12/04 12:0 a.m.7 views

Vulnerability of Cobalt, Graphite, Xenon, Argon, Lithium Ashlar-Vellum software for parametric automated design and 3D modeling: This vulnerability arises from reading beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Cobalt, Graphite, Xenon, Argon, and Lithium Ashlar-Vellum software for parametric automated design and 3D modeling involves reading data beyond the buffer limit in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by introducing specially...

7.8CVSS7.9AI score0.0026EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2022/10/05 12:0 a.m.6 views

PT-2022-6686 · Ashlar Vellum · Ashlar-Vellum Graphite

Name of the Vulnerable Software and Affected Versions: Ashlar-Vellum Graphite affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this issue, where th...

8.8CVSS7.3AI score0.00889EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2022/07/06 9:51 a.m.91 views

Bitter APT Hackers Continue to Target Bangladesh Military Entities

Military entities located in Bangladesh continue to be at the receiving end of sustained cyberattacks by an advanced persistent threat tracked as Bitter. "Through malicious document files and intermediate malware stages the threat actors conduct espionage by deploying Remote Access Trojans,"...

9.3CVSS0.3AI score0.95121EPSS
Exploits0
Packet Storm
Packet Storm
added 2022/04/07 12:0 a.m.292 views

Backdoor.Win32.Xingdoor Denial Of Service

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/89000e259ffbd107b7cc9bac66dcdcf5.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Xingdoor Vulnerability: Denial of Service Description: The malware "SystemXingCheng"...

7.4AI score
Exploits0
CNNVD
CNNVD
added 2021/07/30 12:0 a.m.5 views

Emerson GE Automation Proficy Machine 缓冲区错误漏洞

Emerson GE Automation Proficy Machine Edition is an application from emerson, Inc. An automation solution. A buffer error vulnerability exists in Emerson GE Automation Proficy Machine that originates from a buffer overflow in Emerson GE Automation Proficy Machine Edition v8.0. The vulnerability c...

5.3CVSS5.9AI score0.00802EPSS
Exploits0References2
OSV
OSV
added 2021/07/13 2:15 p.m.6 views

CVE-2021-35957

Stormshield Endpoint Security Evolution 2.0.0 through 2.0.2 does not accomplish the intended defense against local administrators who can replace the Visual C++ runtime DLLs in %WINDIR%\system32 with malicious ones...

6.7CVSS6.7AI score0.00251EPSS
Exploits0References2
Prion
Prion
added 2021/07/13 2:15 p.m.17 views

Buffer overflow

Stormshield Endpoint Security Evolution 2.0.0 through 2.0.2 does not accomplish the intended defense against local administrators who can replace the Visual C++ runtime DLLs in %WINDIR%\system32 with malicious ones...

4.6CVSS6.5AI score0.00251EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/07/13 1:5 p.m.23 views

CVE-2021-35957

Stormshield Endpoint Security Evolution 2.0.0 through 2.0.2 does not accomplish the intended defense against local administrators who can replace the Visual C++ runtime DLLs in %WINDIR%\system32 with malicious ones...

6.7AI score0.00251EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2019/10/29 12:0 a.m.9 views

Vulnerability of the MSVCR90!memcpy function in the WebAccess HMI Designer software for developing and managing HMI applications. This vulnerability allows attackers to cause system failures.

The vulnerability of the MSVCR90!memcpy function 0x000000000000015c in the WebAccess HMI Designer software for developing and managing HMI applications is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause...

7.5CVSS5.9AI score0.01323EPSS
Exploits0References2Affected Software1
GoogleProjectZero
GoogleProjectZero
added 2019/10/08 12:0 a.m.22 views

The story of Adobe Reader symbols

Posted by Mateusz Jurczyk, Project Zero Modern day security analysis of client applications is often hindered by the inaccessibility of their source code and other aids such as debug symbols. As a result, it is necessary to perform completely black-box reverse engineering of the software, in orde...

7AI score
Exploits0
Kitploit
Kitploit
added 2019/10/03 8:57 p.m.123 views

ThreadBoat - Program Uses Thread Execution Hijacking To Inject Native Shellcode Into A Standard Win32 Application

Program uses Thread Hijacking to Inject Native Shellcode into a Standard Win32 Application. With Thread Hijacking, it allows the hijacker.exe program to suspend a thread within the target.exe program allowing us to write shellcode to a thread. Usage int main System sys; Interceptor incp; Exceptio...

7.2AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2019/08/26 2:59 p.m.44 views

CVE-2019-1552

OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versio...

3.6CVSS2.7AI score0.00678EPSS
Exploits0References4
Prion
Prion
added 2019/07/30 5:15 p.m.30 views

Default configuration

OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versio...

1.9CVSS5.7AI score0.00678EPSS
Exploits0References21Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2019/04/30 12:0 a.m.19 views

(0Day) Microsoft Visual Studio asm Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on executables compiled using vulnerable installations of Microsoft Visual Studio. Attack vectors will vary depending on the nature of the executable in question, but would include opening a specially crafted file which was compiled wi...

8.1CVSS5AI score
Exploits0
Rows per page
Query Builder