154 matches found
CVE-2024-43590 Visual C++ Redistributable Installer Elevation of Privilege Vulnerability
...
CVE-2024-43590 Visual C++ Redistributable Installer Elevation of Privilege Vulnerability
...
Microsoft Visual C++ Redistributable Installer 访问控制错误漏洞
Microsoft Visual C++ Redistributable Installer is an installer from Microsoft Corporation USA that is used to install the Microsoft C and C++ MSVC runtime libraries on a user's computer. An access control error vulnerability exists in Microsoft Visual C++ Redistributable Installer. An attacker...
PT-2024-6836
Name of the Vulnerable Software and Affected Versions Visual C++ Redistributable Installer affected versions not specified Description The issue is related to insufficient access restrictions in the Visual C++ Redistributable Installer, which is part of the Microsoft Visual Studio development...
KLA73906 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Visual C++...
CVE-2024-22410 Binary Planting Attack on Windows Platforms in Creditcoin
Creditcoin is a network that enables cross-blockchain credit transactions. The Windows binary of the Creditcoin node loads a suite of DLLs provided by Microsoft at startup. If a malicious user has access to overwrite the program files directory it is possible to replace these DLLs and execute...
Vulnerability of Cobalt, Graphite, Xenon, Argon, Lithium Ashlar-Vellum software for parametric automated design and 3D modeling: This vulnerability arises from reading beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of Cobalt, Graphite, Xenon, Argon, and Lithium Ashlar-Vellum software for parametric automated design and 3D modeling involves reading data beyond the buffer limit in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by introducing specially...
PT-2022-6686 · Ashlar Vellum · Ashlar-Vellum Graphite
Name of the Vulnerable Software and Affected Versions: Ashlar-Vellum Graphite affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this issue, where th...
Bitter APT Hackers Continue to Target Bangladesh Military Entities
Military entities located in Bangladesh continue to be at the receiving end of sustained cyberattacks by an advanced persistent threat tracked as Bitter. "Through malicious document files and intermediate malware stages the threat actors conduct espionage by deploying Remote Access Trojans,"...
Backdoor.Win32.Xingdoor Denial Of Service
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/89000e259ffbd107b7cc9bac66dcdcf5.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Xingdoor Vulnerability: Denial of Service Description: The malware "SystemXingCheng"...
Emerson GE Automation Proficy Machine 缓冲区错误漏洞
Emerson GE Automation Proficy Machine Edition is an application from emerson, Inc. An automation solution. A buffer error vulnerability exists in Emerson GE Automation Proficy Machine that originates from a buffer overflow in Emerson GE Automation Proficy Machine Edition v8.0. The vulnerability c...
CVE-2021-35957
Stormshield Endpoint Security Evolution 2.0.0 through 2.0.2 does not accomplish the intended defense against local administrators who can replace the Visual C++ runtime DLLs in %WINDIR%\system32 with malicious ones...
Buffer overflow
Stormshield Endpoint Security Evolution 2.0.0 through 2.0.2 does not accomplish the intended defense against local administrators who can replace the Visual C++ runtime DLLs in %WINDIR%\system32 with malicious ones...
CVE-2021-35957
Stormshield Endpoint Security Evolution 2.0.0 through 2.0.2 does not accomplish the intended defense against local administrators who can replace the Visual C++ runtime DLLs in %WINDIR%\system32 with malicious ones...
Vulnerability of the MSVCR90!memcpy function in the WebAccess HMI Designer software for developing and managing HMI applications. This vulnerability allows attackers to cause system failures.
The vulnerability of the MSVCR90!memcpy function 0x000000000000015c in the WebAccess HMI Designer software for developing and managing HMI applications is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause...
The story of Adobe Reader symbols
Posted by Mateusz Jurczyk, Project Zero Modern day security analysis of client applications is often hindered by the inaccessibility of their source code and other aids such as debug symbols. As a result, it is necessary to perform completely black-box reverse engineering of the software, in orde...
ThreadBoat - Program Uses Thread Execution Hijacking To Inject Native Shellcode Into A Standard Win32 Application
Program uses Thread Hijacking to Inject Native Shellcode into a Standard Win32 Application. With Thread Hijacking, it allows the hijacker.exe program to suspend a thread within the target.exe program allowing us to write shellcode to a thread. Usage int main System sys; Interceptor incp; Exceptio...
CVE-2019-1552
OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versio...
Default configuration
OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versio...
(0Day) Microsoft Visual Studio asm Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows attackers to execute arbitrary code on executables compiled using vulnerable installations of Microsoft Visual Studio. Attack vectors will vary depending on the nature of the executable in question, but would include opening a specially crafted file which was compiled wi...