EUVD-2014-1898

Malware in sbrugna...

EUVD-2025-25682

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2019-1010057

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nfdump 1.6.16 and earlier is affected by: Buffer Overflow. The impact is: The impact could range from a denial of service to local code execution. The component...

CVE-2025-6218 RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability

RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open...

CVE-2024-33430

An issue in phiola/src/afilter/pcmconvert.h:513 of phiola v2.0-rc22 allows a remote attacker to execute arbitrary code via the a crafted .wav file...

CVE-2024-43700

xfpt versions prior to 1.01 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted file, arbitrary code may be executed on the user's environment...

GTKWave integer overflow vulnerability (CNVD-2024-37203)

GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. An integer overflow vulnerability exists in GTKWave version 3.3.118, which can be exploited by an attacker to potentially cause arbitrary code execution via a specially crafted fst file...

Xxe

An XML External Entity XXE vulnerability in urule v2.1.7 allows attackers to execute arbitrary code via uploading a crafted XML file to /urule/common/saveFile...

CVE-2021-4173

A flaw was found in vim. A possible use after free vulnerability could allow an attacker to input a specially crafted file leading to a crash or code execution...

Format string

DISPUTED In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code execution via a crafted file. NOTE: multiple third parties dispute the significance of this finding...

CVE-2017-9902

XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at Xfpx!gffGetFormatInfo+0x0000000000020e91."...

Sql injection

Module::Signature before 0.74 allows remote attackers to execute arbitrary shell commands via a crafted SIGNATURE file which is not properly handled when generating checksums from a signed manifest...

GLSA-200412-18 : abcm2ps: Buffer overflow vulnerability

The remote host is affected by the vulnerability described in GLSA-200412-18 abcm2ps: Buffer overflow vulnerability Limin Wang has located a buffer overflow inside the putwords function in the abcm2ps code. Impact : A remote attacker could convince the victim to download a specially crafted ABC...