Nsasoft SpotAuditor 安全漏洞

Nsasoft SpotAuditor is a advanced password recovery software developed by the US company Nsasoft. It is designed to restore passwords that have been lost or forgotten from over 40 popular Windows programs and tools. Version 5.3.2 of Nsasoft SpotAuditor contains a security vulnerability; this...

EUVD-2021-14406

Malware in sbrugna...

K94041354: OpenSSL vulnerability CVE-2019-1552

Security Advisory Description OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configurati...

InnoSetup 代码问题漏洞

InnoSetup is a free installer for Windows programs provided by Jordan Russell and Martijn Laan of jrsoftware. A security vulnerability exists in InnoSetup that originates from an uncontrolled search path in the application's installer...

Magic Hound Exploiting Old Microsoft Exchange ProxyShell Vulnerabilities

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here APT35 aka Magic Hound, an Iranian-backed threat group, has begun using Microsoft Exchange ProxyShell vulnerabilities as an initial attack vector and to execute code through multiple web shells. The group has primarily targeted...

CVE-2021-27660

An insecure client auto update feature in C-CURE 9000 can allow remote execution of lower privileged Windows programs...

Design/Logic Flaw

An insecure client auto update feature in C-CURE 9000 can allow remote execution of lower privileged Windows programs...

CVE-2021-27660 C-CURE 9000

An insecure client auto update feature in C-CURE 9000 can allow remote execution of lower privileged Windows programs...

CVE-2021-27660

CVE-2021-27660 affects Johnson Controls C-CURE 9000. The vulnerability arises from an insecure client auto-update feature (improper input validation CWE-20) that can enable remote execution of lower-privileged Windows programs. Impact is high (C/H/I/H/A/H) with network vector and low attack compl...

CVE-2019-1552

OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versio...

FreeBSD : mozilla -- multiple vulnerabilities (05da6b56-3e66-4306-9ea3-89fafe939726)

Mozilla Foundation reports : CVE-2019-9790: Use-after-free when removing in-use DOM elements CVE-2019-9791: Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey CVE-2019-9792: IonMonkey leaks JSOPTIMIZEDOUT magic value to script CVE-2019-9793: Improper...

Veeam Availability Console U1 Cumulative Patch 1913

Challenge Veeam Availability Console U1 Cumulative Patch 1913. This update supersedes Veeam Availability Console U1 Cumulative Patch 1850. Cause Please confirm you are running version 2.0.2.1750 or later prior to installing this cumulative patch 1913. You can check this under Windows Programs and...

RPISEC: Malware Analysis

This material was developed and used by RPISEC to teach Malware Analysis at Rensselaer Polytechnic Institute in Fall 2015. This was a university course developed and run solely by students, primarily using the Practical Malware Analysis book by Michael Sikorski and Andrew Honig, to teach skills i...

PAExec - The Redistributable PsExec (Launch Remote Windows Apps)

PAExec lets you launch Windows programs on remote Windows computers without needing to install software on the remote computer first. For example, you could launch CMD.EXE remotely and have the equivalent of a terminal session to the remote server. PAExec is useful for doing remote installs,...

Checks XP Internetcommunication of some Programs - Windows

The script Checks XP Internetcommunication of some Programs: Internet Explorer Windows Media Player Windows Messenger Windows Zeitdienst Hilfe- und Supportcenter Windows Update Gerätemanager Windows Aktivierung und Registrierung Aktualisierung der Stammzertifikate Ereignisanzeige Webdienst...

Checks XP Internetcommunication of some Programs (Windows)

The script Checks XP Internetcommunication of some Programs: Internet Explorer Windows Media Player Windows Messenger Windows Zeitdienst Hilfe- und Supportcenter Windows Update Gerätemanager Windows Aktivierung und Registrierung Aktualisierung der Stammzertifikate Ereignisanzeige Webdienst...

Mandriva Update for wine MDVA-2008:057 (wine)

Check for the Version of wine OpenVAS Vulnerability Test Mandriva Update for wine MDVA-2008:057 wine Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

Preemptive Protection against WMF/EMF Vulnerabilities (MS07-017)

A remote code execution vulnerability has been discovered in the rendering of Enhanced Metafile EMF image format, and a denial of service vulnerability exists in the rendering of Windows Metafile WMF image format. WMF and EMF are image formats used in many Windows programs including Internet...