PT-2026-33510

On Windows, Claude Code loaded system-wide default configuration from C:ProgramDataClaudeCodemanaged-settings.json without validating directory ownership or access permissions. Because the ProgramData directory is writable by non-administrative users by default and the ClaudeCode subdirectory was...

EUVD-2018-21714

NetSetMan 4.7.1 contains a buffer overflow vulnerability in the Workgroup feature that allows local attackers to crash the application by supplying oversized input. Attackers can create a malicious configuration file with excessive data and paste it into the Workgroup field to trigger a denial of...

CVE-2018-25228

NetSetMan 4.7.1 is affected by a local-denial-of-service vulnerability in the Workgroup feature, caused by a buffer overflow when oversized data is placed in the Workgroup field of a malicious configuration file. This can crash the application. Affected component: Workgroup handling in NetSetMan ...

PT-2026-29014

NetSetMan 4.7.1 contains a buffer overflow vulnerability in the Workgroup feature that allows local attackers to crash the application by supplying oversized input. Attackers can create a malicious configuration file with excessive data and paste it into the Workgroup field to trigger a denial of...

PsySH has Local Privilege Escalation via CWD .psysh.php auto-load

Summary PsySH automatically loads and executes a .psysh.php file from the Current Working Directory CWD on startup. If an attacker can write to a directory that a victim later uses as their CWD when launching PsySH, the attacker can trigger arbitrary code execution in the victim's context. When t...

CVE-2021-22759

A CWE-416: Use after free vulnerability exists inIGSS Definition Def.exe V15.0.0.21140 and prior that could result in loss of data or remote code execution due to use of unchecked input data, when a malicious CGF file is imported to IGSS Definition...

CVE-2025-64109

Cursor is a code editor built for programming with AI. In versions and below, a vulnerability in the Cursor CLI Beta allowed an attacker to achieve remote code execution through the MCP Model Context Protocol server mechanism by uploading a malicious MCP configuration in .cursor/mcp.json file in ...

CVE-2025-64109 Cursor CLI Beta: Command Injection via Untrusted MCP Configuration

Cursor is a code editor built for programming with AI. In versions and below, a vulnerability in the Cursor CLI Beta allowed an attacker to achieve remote code execution through the MCP Model Context Protocol server mechanism by uploading a malicious MCP configuration in .cursor/mcp.json file in ...

PT-2025-45063

Name of the Vulnerable Software and Affected Versions Cursor versions prior to 2025.09.17-25b418f Description Cursor is a code editor designed for programming with AI. A flaw in the Cursor CLI Beta could allow a remote attacker to execute code. This is possible through the Model Context Protocol...

EUVD-2023-30116

Malicious code in bioql PyPI...

EUVD-2021-9942

Malicious code in bioql PyPI...

EUVD-2024-29372

Malicious code in bioql PyPI...

EUVD-2022-44223

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2020-7788

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This affects the package ini before 1.3.6. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the...

CVE-2021-22807

A CWE-787: Out-of-bounds Write vulnerability exists that could cause arbitrary code execution when a malicious .gd1 configuration file is loaded into the GUIcon tool. Affected Product: Eurotherm by Schneider Electric GUIcon Version 2.0 Build 683.003 and prior...

QOS.CH logback-core Expression Language Injection vulnerability

ACE vulnerability in JaninoEventEvaluator by QOS.CH logback-core up to and including version 1.5.12 in Java applications allows attackers to execute arbitrary code by compromising an existing logback configuration file or by injecting an environment variable before program execution. Malicious...

UBUNTU-CVE-2024-12798

ACE vulnerability in JaninoEventEvaluator by QOS.CH logback-core upto including version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 in Java applications allows attacker to execute arbitrary code by compromising an existing logback configuration file or by injecting an environment variable before program...

CVE-2024-27167

CVE-2024-27167 affects Toshiba printers that use Sendmail to send emails. The issue arises because Sendmail is used with several insecure directories, allowing a local attacker to inject a malicious Sendmail configuration file. Affected products/models/versions are referenced in the linked source...

CVE-2024-31492

An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...

CVE-2023-6381

Improper input validation vulnerability in Newsletter Software SuperMailer affecting version 11.20.0.2204. An attacker could exploit this vulnerability by sending a malicious configuration file file with SMB extension to a user via a link or email attachment and persuade the user to open the file...