CVE-2026-40517

A flaw was found in radare2 that could lead to arbitrary operating system OS command execution. A local user could be exploited through a command injection vulnerability in the PDB Program Database parser. By processing a specially crafted malicious PDB file, the idp command would execute arbitra...

CVE-2026-40517

radare2 prior to 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by crafting a malicious PDB file with newline characters in symbol names. Attackers can inject arbitrary radare2 commands through unsanitiz...

EUVD-2015-8758

Malware in sbrugna...

EUVD-2016-8390

Malware in sbrugna...

EUVD-2020-7224

Malware in sbrugna...

EUVD-2018-11697

Malware in sbrugna...

EUVD-2016-8384

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-15121

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the...

Remote Code Execution

.NET is vulnerable to Remote Code Execution RCE. The vulnerability exists in Microsoft.DiaSymReader.Native.amd64.dll when reading a corrupted PDB file which may lead to RCE...

Remote Code Execution

Microsoft .NET 7.0 and .NET 6.0 are vulnerable to Remote Code Execution RCE. The vulnerability exists in Microsoft.DiaSymReader.Native.amd64.dll when reading a corrupted PDB file which may lead to RCE...

GHSA-3QF9-QXFJ-4WHC Microsoft Security Advisory CVE-2023-36792: .NET Remote Code Execution Vulnerability

Microsoft Security Advisory CVE-2023-36792: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update thei...

Microsoft Security Advisory CVE-2023-36792: .NET Remote Code Execution Vulnerability

Microsoft Security Advisory CVE-2023-36792: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update thei...

Microsoft Security Advisory CVE-2023-36794: .NET Remote Code Execution Vulnerability

Microsoft Security Advisory CVE-2023-36794: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update thei...

Microsoft Security Advisory CVE-2023-36793: .NET Remote Code Execution Vulnerability

Microsoft Security Advisory CVE-2023-36793: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update thei...

PT-2023-5050 · Microsoft +1 · Visual Studio +2

Name of the Vulnerable Software and Affected Versions: Visual Studio affected versions not specified Description: The issue is related to insufficient input validation in Microsoft Visual Studio, which can be exploited to execute arbitrary code. This can allow an attacker to run malicious code on...

SUSE CVE-2015-8902

The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service infinite loop via a crafted PDB file...

SUSE CVE-2016-7531

MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service out-of-bounds write via a crafted PDB file...

SUSE CVE-2016-7537

MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service out-of-bounds access via a crafted PDB file...

Mageia: Security Advisory (MGASA-2020-0329)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-15121

In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current...