I was taking a closer look at Xavier’s Word document he analyzed in yesterday’s diary entry: “Obfuscated with a Simple 0x0A“. I expected that the latest version of my zipdump tool would be able to handle this special ZIP file, but it didn’t. After a bit of research, I discoverd that this Word document not …
Read more “New Bypass Technique or Corrupt Word Document?, (Sat, Apr 4th)”
Ivanti Workspace Control before 10.4.30.0, when SCCM integration is enabled, allows local users to obtain sensitive information (keying material).
Common/Grav.php in Grav before 1.6.23 has an Open Redirect.
Common/Grav.php in Grav before 1.6.23 has an Open Redirect.
bit2spr 1992-06-07 has a stack-based buffer overflow (129-byte write) in conv_bitmap in bit2spr.c via a long line in a bitmap file.
bit2spr 1992-06-07 has a stack-based buffer overflow (129-byte write) in conv_bitmap in bit2spr.c via a long line in a bitmap file.
Zoho ManageEngine ADSelfService Plus before 5815 allows unauthenticated remote code execution.
Zoho ManageEngine ADSelfService Plus before 5815 allows unauthenticated remote code execution.
Dell Latitude 7202 Rugged Tablet BIOS versions prior to A28 contain a UAF vulnerability in EFI_BOOT_SERVICES in system management mode. A local unauthenticated attacker may exploit this vulnerability by overwriting the EFI_BOOT_SERVICES structure to execute arbitrary code in system management mode.
Dell Latitude 7202 Rugged Tablet BIOS versions prior to A28 contain a UAF vulnerability in EFI_BOOT_SERVICES in system management mode. A local unauthenticated attacker may exploit this vulnerability by overwriting the EFI_BOOT_SERVICES structure to execute arbitrary code in system management mode.