Astra Linux - уязвимость в binutils

The getcount function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service malloc calls with an integer overflow result or potentially have unspecified other impacts through a crafted string, as demonstrated by c++filt...

PT-2026-32504

CVE-2026-31048 An issue in the codepickle/code protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message. https://t.co/9RAOHY9pwL...

CVE-2026-31059

CVE-2026-31059 affects UTT Aggressive HiPER 520W with software version v3v1.7.7-180627, where the /goform/formDia component is vulnerable to remote command execution. The root cause is not explicitly detailed in the provided documents, but an attacker can craft input to execute arbitrary commands...

CVE-2026-31059

A remote command execution RCE vulnerability in the /goform/formDia component of UTT Aggressive HiPER 520W v3v1.7.7-180627 allows attackers to execute arbitrary commands via a crafted string...

CVE-2026-34938

PraisonAI is a multi-agent teams system. Prior to version 1.5.90, executecode in praisonai-agents runs attacker-controlled Python inside a three-layer sandbox that can be fully bypassed by passing a str subclass with an overridden startswith method to the safegetattr wrapper, achieving arbitrary ...

EUVD-2026-15043

An integer overflow was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3. Processing a maliciously crafted string may lead to heap corruption...

CVE-2022-26272

A remote code execution RCE vulnerability in Ionize v1.0.8.1 allows attackers to execute arbitrary code via a crafted string written to the file application/config/config.php...

CVE-2008-7229

GreenSQL Firewall greensql-fw before 0.9.2 allows remote attackers to bypass SQL injection protection via a crafted string, possibly involving an encoded space character %20...

CVE-2023-40703

Mattermost fails to properly limit the characters allowed in different fields of a block in Mattermost Boards allowing a attacker to consume excessive resources, possibly leading to Denial of Service, by patching the field of a block using a specially crafted string...

CVE-2025-61489

A command injection vulnerability in the shellexec function of sonirico mcp-shell v0.3.1 allows attackers to execute arbitrary commands via supplying a crafted command string...

CVE-2025-61489

A command injection vulnerability in the shellexec function of sonirico mcp-shell v0.3.1 allows attackers to execute arbitrary commands via supplying a crafted command string...

CVE-2025-61489

Affects: sonirico mcp-shell v0.3.1. Issue: command injection in the shell_exec function allows an attacker to execute arbitrary commands by supplying a crafted command string. Details across sources confirm the vulnerable component and the root cause as a shell_exec command handling flaw. Impact:...

EUVD-2014-6318

Malware in sbrugna...

EUVD-2021-26296

Malware in sbrugna...

EUVD-2015-4624

Malware in sbrugna...

EUVD-2005-2961

Malware in sbrugna...

EUVD-2017-6428

Malware in sbrugna...

EUVD-2016-5991

Malware in sbrugna...

EUVD-2013-7160

Malware in sbrugna...

EUVD-2020-0391

Malware in sbrugna...