369 matches found
CVE-2025-54422 Sandboxie exposes encrypted sandbox key during password change
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. In versions 1.16.1 and below, a critical security vulnerability exists in password handling mechanisms. During encrypted sandbox creation, user passwords are transmitted via shared memory,...
Exploit for CVE-2025-50361
Global Buffer Overflow in SmallBASIC SmallBASIChttps://git...
CVE-2024-7421
An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included in command-line arguments when launching WinSCP sessions...
CVE-2021-21908
Specially-crafted command line arguments can lead to arbitrary file deletion. The handledelete function does not attempt to sanitize or otherwise validate the contents of the file parameter passed to the function as argv1, allowing an authenticated attacker to supply directory traversal primitive...
CVE-2021-21909
Specially-crafted command line arguments can lead to arbitrary file deletion in the del .cnt|.log file delete command. An attacker can provide malicious inputs to trigger this vulnerability...
CVE-2019-1010039
uLaunchELF commit 170827a is affected by: Buffer Overflow. The impact is: Possible code execution and denial of service. The component is: Loader program loader.c overly trusts the arguments provided via command line...
CVE-2005-2233
Buffer overflow in multiple "p" commands in IBM AIX 5.1, 5.2 and 5.3 might allow local users to execute arbitrary code via long command line arguments to 1 penable or other hard-linked files including 2 pdisable, 3 pstart, 4 phold, 5 pdelay, or 6 pshare...
CVE-2002-1814
Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments...
Tenable Security Center SQLI (TNS-2025-06)
According to its self-reported version, the Tenable Security Center running on the remote host is version 6.5.0 or 6.5.1. It is, therefore, affected by a vulnerability as referenced in the TNS-2025-06 advisory. - Improper neutralization of quoting syntax in PostgreSQL libpq functions...
Exploit for SQL Injection in Code-Projects Patient_Record_Management_System
CVE-2025-32433 Erlang SSH Library Exploit A proof-of-concept...
PT-2025-13389 · Ibm · Ibm Cloud Pak System
Name of the Vulnerable Software and Affected Versions: IBM Cloud Pak System versions 2.3.3.0 through 2.3.4.1 Description: The issue could allow a user with access to the network to obtain sensitive information from CLI arguments. Recommendations: For versions 2.3.3.0 through 2.3.4.1, consider...
postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation
A flaw was found in PostgreSQL. Due to improper neutralization of quoting syntax, affected versions potentially allow a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the affected function's result to constru...
UBUNTU-CVE-2024-50340
symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the registerargvargc php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment or debug mode used by...
Access Restriction Bypass
Overview symfony/symfony is a PHP framework for web applications and a set of reusable PHP components. Affected versions of this package are vulnerable to Access Restriction Bypass when constructing functions in SymfoyRuntime.php, which allows the user to change environment or debug mode by...
"An Account is not Configured" Displayed On Startup when AllowAddStore is set to N in Registry
Citrix Workspace app for Windows is being configured via command line arguments and then launched programmatically The following error is displayed: An Account is not Configured. Please contact your administrator...
Exploit for CVE-2024-9166
CVE-2024-9166 Vulnerability Scanner A Python-based tool to sca...
CVE-2024-7421
An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included in command-line arguments when launching WinSCP sessions...
CVE-2024-7421
An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included in command-line arguments when launching WinSCP sessions...
CVE-2024-7421
The vulnerability CVE-2024-7421 affects Devolutions Remote Desktop Manager (versions up to 2024.2.20.0) on Windows. The issue is an information exposure where credentials used for WinSCP sessions can be retrieved by local attackers who can access system logs, via passwords found in command-line a...
Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft
IPv6 Vulnerability Packet Sender for Memory Corruption CVE-...