Win32.Ransom.Conti ransomware fails to encrypt non PE files that have a “.exe” in the filename. Creating specially crafted file names successfully evaded encryption for this malware sample.
Backdoor.Win32.Autocrat.b MVID-2022-0660 Weak Hardcoded Credential
Backdoor.Win32.Autocrat.b malware suffers from a weak hardcoded credential vulnerability.
Ecommerce 1.0 Cross Site Scripting / Open Redirect
Ecommerce version 1.0 suffers from cross site scripting and open redirection vulnerabilities.
F5 BIG-IP iControl Remote Command Execution
This Metasploit module exploits a newline injection into an RPM .rpmspec file that permits authenticated users to remotely execute commands. Successful exploitation results in remote code execution as the root user.
F5 BIG-IP iControl Remote Command Execution
This Metasploit module exploits a newline injection into an RPM .rpmspec file that permits authenticated users to remotely execute commands. Successful exploitation results in remote code execution as the root user.
Backdoor.Win32.Serman.a MVID-2022-0659 Unauthenticated Open Proxy
Backdoor.Win32.Serman.a malware suffers from an unauthenticated open proxy vulnerability.
Trojan.Win32.Platinum.gen MVID-2022-0657 Code Execution
Trojan.Win32.Platinum.gen malware suffers from a code execution vulnerability.
ClicShopping 3.402 Cross Site Scripting
ClicShopping version 3.402 suffers from a cross site scripting vulnerability.
ZTE ZXHN-H108NS Stack Buffer Overflow / Denial Of Service
ZTE ZXHN-H108NS router with firmware version H108NSV1.0.7u_ZRD_GR2_A68 remote stack buffer overflow exploit that causes a denial of service condition.
Backdoor.Win32.Oblivion.01.a MVID-2022-0658 Insecure Transit
Backdoor.Win32.Oblivion.01.a malware suffers from an insecure transit vulnerability due to sending passwords in the clear over the wire.