141 matches found
CVE-2025-49797
Multiple Brother driver installers for Windows contain a privilege escalation vulnerability. If exploited, an arbitrary program may be executed with the administrative privilege. As for the details of affected product names, model numbers, and versions, refer to the information provided by the...
CVE-2021-35448
Emote Interactive Remote Mouse 3.008 on Windows allows attackers to execute arbitrary programs as Administrator by using the Image Transfer Folder feature to navigate to cmd.exe. It binds to local ports to listen for incoming connections...
CVE-2021-3013
ripgrep before 13 on Windows allows attackers to trigger execution of arbitrary programs from the current working directory via the -z/--search-zip or --pre flag...
CVE-2020-13661
Telerik Fiddler through 5.0.20202.18177 allows attackers to execute arbitrary programs via a hostname with a trailing space character, followed by --utility-and-browser --utility-cmd-prefix= and the pathname of a locally installed program. The victim must interactively choose the Open On Browser...
CVE-2019-12138
MacDown 0.7.1 allows directory traversal, for execution of arbitrary programs, via a file:/// or ../ substring in a shared note...
CVE-2024-32019
Netdata is an open source observability tool. In affected versions the ndsudo tool shipped with affected versions of the Netdata Agent allows an attacker to run arbitrary programs with root permissions. The ndsudo tool is packaged as a root-owned executable with the SUID bit set. It only runs a...
CVE-2023-30759
The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to detect its modification and may spawn an unexpected process with the administrative privilege. If a non-administrative user modifies the driver installation package and runs it on the target PC, an...
SUSE CVE-2008-5027
The Nagios process in (1) Nagios before 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote authenticated users to bypass authorization checks, and trigger execution of arbitrary programs by this process, via an (a) custom form or a (b) browser addon...
libXpm: compression commands depend on $PATH
A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find these programs, which could allow a malicious user to execute other programs by manipulating the PATH...
CVE-2021-35448
The CVE-2021-35448 entry concerns Emote Interactive Remote Mouse 3.008 for Windows. Affected functionality is the Image Transfer Folder feature, where an attacker can navigate to cmd.exe, enabling arbitrary program execution with Administrator privileges. The exploit is a local privilege escalati...
ripgrep command injection vulnerability
Ripgrep is a line-oriented search tool that recursively searches the current directory for regular expression patterns. Ripgrep before 13 has a command injection vulnerability that allows an attacker to trigger the execution of an arbitrary progra...
Unisys Desktop OS Personal Edition (1030) x86_64 has a logic flaw vulnerability
Unisys Desktop Operating System Personal Edition is a domestic desktop operating system from Unisys, based on the Linux 5.3 kernel and designed for individual users. Unisys Desktop OS Personal Edition 1030 x86_64 has a logic flaw vulnerability, which can be exploited by an attacker to bypass...
Critical Cisco Jabber Bug Could Let Attackers Hack Remote Systems
Cisco on Wednesday released software updates to address multiple vulnerabilities affecting its Jabber messaging clients across Windows, macOS, Android, and iOS. Successful exploitation of the flaws could permit an "attacker to execute arbitrary programs on the underlying operating system with...
Design/Logic Flaw
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...
CVE-2021-1471 Cisco Jabber Desktop and Mobile Client Software Vulnerabilities
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...
CVE-2021-1471
Cisco Jabber for Windows, macOS, and mobile platforms were affected by multiple vulnerabilities leading to possible remote code execution with the user’s privileges, access to sensitive data, interception of protected traffic, or DoS. Cisco notes these originate from Cisco Jabber components and h...
CVE-2020-26085
Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more information about these...