This Metasploit module utilizes the Unified Remote remote control protocol to type out and deploy a payload. The remote control protocol can be configured to have no passwords, a group…

Trojan-Dropper.Win32.Corty.10 malware suffers from an insecure credential storage vulnerability.

Bookwyrm versions 0.4.3 and below suffer from an authentication bypass vulnerability due to a lack of rate limiting on OTP checks.

Trojan.Ransom.Ryuk.A ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. Once…

Buffalo TeraStation Network Attached Storage (NAS) version 1.66 suffers from an authentication bypass vulnerability.

ProcessMaker versions prior to 3.5.4 were discovered to be susceptible to a remote privilege escalation vulnerability.

Blink1Control2 version 2.2.7 suffers from a weak password encryption vulnerability.

Backdoor.Win32.Hellza.120 malware suffers from an authentication bypass vulnerability.

Backdoor.Win32.Hellza.120 malware suffers from a remote command execution vulnerability.

On Mali devices without the new CSF interface, IMPORTED_USER_BUF is released without flushing host-side VMAs, leading to a page use-after-free vulnerability.