CVE-2025-59050 Greenshot — Insecure .NET deserialization via WM_COPYDATA enables local code execution

Greenshot is an open source Windows screenshot utility. Greenshot 1.3.300 and earlier deserializes attacker-controlled data received in a WMCOPYDATA message using BinaryFormatter.Deserialize without prior validation or authentication, allowing a local process at the same integrity level to trigge...

CLSA-2025-1758011363 Update of alt-php

Bump ABI 4.15.0-251...

CVE-2025-57625

CYRISMA Sensor before 444 for Windows has an Insecure Folder and File Permissions vulnerability. A low-privileged user can abuse these issues to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM by replacing DataSpotliteAgent.exe or any other binaries called by...

Oracle Essbase Installed (Linux

Binary data oracleessbasenixinstalled.nbin...

Apple iOS < 15.8.5 Vulnerability (125142)

Binary data appleios1585check.nbin...

Apple iOS < 16.7.12 Vulnerability (125141)

Binary data appleios16712check.nbin...

Apple iOS < 26 Multiple Vulnerabilities (125108)

Binary data appleios26check.nbin...

Fedora 43 : exiv2 (2025-c23727e694)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-c23727e694 advisory. Exiv2 0.28.6 + patch to fix silent abi breakage ---- Exiv2 v0.28.6 Fixes two low severity CVEs Tenable has extracted the preceding description block...

ASLRay

This repository contains a Linux ELF x32/x64 ASLR DEP/NX bypass exploit with stack-spraying. The exploit targets the test binary, which is a simple program that takes a string argument and prints it. The exploit works by spraying the stack with a large amount of data, which increases the chances ...

Software-Security-Learning

It is an offensive tool for binary analysis. The repository Software-Security-Learning contains a collection of resources for learning software security, including tools and tutorials for binary analysis. The tools listed include Pharos, Angr, Vuzzer, PEDA, and pwntools, which are used for static...

CTFium

This is a collection of CTF Capture The Flag writeups by PersianCats. It is a repository of technical writeups for various CTF challenges from different events. The writeups cover a range of topics, including exploitation of vulnerabilities, reverse engineering, and binary analysis. The repositor...

PinTools

This repository is an example and proof-of-concept PoC for dynamic binary analysis using the Pin tool. The code is designed to detect the classical use-after-free vulnerability. The Pin tool is a dynamic binary instrumentation framework that allows developers to analyze and modify the behavior of...

[SECURITY] Fedora 41 Update: uv-0.8.11-2.fc41

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: =E2=80=A2 =E2=9A=96=EF=B8=8F Drop-in replacement for common pip, pip-tools, and virtualenv commands. =E2=80=A2 =E2=9A=A1=EF=B8=8F 10-100x...

CVE-2025-10236

A vulnerability has been found in binary-husky gptacademic up to 3.91. Impacted is the function mergetexfiles of the file crazyfunctions/latexfns/latextoolbox.py of the component LaTeX File Handler. Such manipulation of the argument \input leads to path traversal. The attack may be launched...

OESA-2025-2275 binutils security update

Binutils is a collection of binary utilities, including ar for creating, modifying and extracting from archives, as a family of GNU assemblers, gprof for displaying call graph profile data, ld the GNU linker, nm for listing symbols from object files, objcopy for copying and translating object...

CVE-2025-27466

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the updating of the reference...

CVE-2025-58142

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the updating of the reference...

CVE-2025-10236

CVE-2025-10236 affects binary-husky gpt_academic up to version 3.91. The vulnerability resides in the LaTeX File Handler’s merge_tex_files_ function inside crazy_functions/latex_fns/latex_toolbox.py, where untrusted input passed to the \

PT-2025-37110

Name of the Vulnerable Software and Affected Versions: binary-husky gpt academic versions up to 3.91 Description: A path traversal issue exists in the LaTeX File Handler component of binary-husky gpt academic. The merge tex files function within the crazy functions/latex fns/latex toolbox.py file...

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the /api/v2/hoverfly/middleware endpoint. An attacker can execute arbitrary system commands by supplying crafted input to the binary and script parameters, which are passed directly to command execution without...