Lucene search
K

369 matches found

Cvelist
Cvelist
added 2025/07/29 12:47 p.m.10 views

CVE-2025-54422 Sandboxie exposes encrypted sandbox key during password change

Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. In versions 1.16.1 and below, a critical security vulnerability exists in password handling mechanisms. During encrypted sandbox creation, user passwords are transmitted via shared memory,...

6.9CVSS0.0007EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2025/07/09 10:56 a.m.94 views

Exploit for CVE-2025-50361

Global Buffer Overflow in SmallBASIC SmallBASIChttps://git...

7.5AI score0.0018EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/05/23 10:35 a.m.7 views

CVE-2024-7421

An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included in command-line arguments when launching WinSCP sessions...

5.5CVSS6.4AI score0.00152EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:12 p.m.6 views

CVE-2021-21908

Specially-crafted command line arguments can lead to arbitrary file deletion. The handledelete function does not attempt to sanitize or otherwise validate the contents of the file parameter passed to the function as argv1, allowing an authenticated attacker to supply directory traversal primitive...

6.5CVSS7AI score0.01441EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:12 p.m.5 views

CVE-2021-21909

Specially-crafted command line arguments can lead to arbitrary file deletion in the del .cnt|.log file delete command. An attacker can provide malicious inputs to trigger this vulnerability...

8.1CVSS7.1AI score0.01014EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:49 a.m.9 views

CVE-2019-1010039

uLaunchELF commit 170827a is affected by: Buffer Overflow. The impact is: Possible code execution and denial of service. The component is: Loader program loader.c overly trusts the arguments provided via command line...

9.8CVSS7.5AI score0.02258EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:16 a.m.8 views

CVE-2005-2233

Buffer overflow in multiple "p" commands in IBM AIX 5.1, 5.2 and 5.3 might allow local users to execute arbitrary code via long command line arguments to 1 penable or other hard-linked files including 2 pdisable, 3 pstart, 4 phold, 5 pdelay, or 6 pshare...

7.2CVSS8.1AI score0.00493EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 10:42 p.m.6 views

CVE-2002-1814

Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments...

4.6CVSS8AI score0.01116EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/04/28 12:0 a.m.61 views

Tenable Security Center SQLI (TNS-2025-06)

According to its self-reported version, the Tenable Security Center running on the remote host is version 6.5.0 or 6.5.1. It is, therefore, affected by a vulnerability as referenced in the TNS-2025-06 advisory. - Improper neutralization of quoting syntax in PostgreSQL libpq functions...

8.1CVSS8.2AI score0.89472EPSS
Exploits10References3
GithubExploit
GithubExploit
added 2025/04/24 7:31 p.m.756 views

Exploit for SQL Injection in Code-Projects Patient_Record_Management_System

CVE-2025-32433 Erlang SSH Library Exploit A proof-of-concept...

10CVSS8.9AI score0.97859EPSS
Exploits38
Positive Technologies
Positive Technologies
added 2025/03/27 12:0 a.m.4 views

PT-2025-13389 · Ibm · Ibm Cloud Pak System

Name of the Vulnerable Software and Affected Versions: IBM Cloud Pak System versions 2.3.3.0 through 2.3.4.1 Description: The issue could allow a user with access to the network to obtain sensitive information from CLI arguments. Recommendations: For versions 2.3.3.0 through 2.3.4.1, consider...

7.5CVSS6.7AI score0.00326EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/02/20 3:2 p.m.7 views

postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation

A flaw was found in PostgreSQL. Due to improper neutralization of quoting syntax, affected versions potentially allow a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the affected function's result to constru...

8.1CVSS7.3AI score0.89472EPSS
Exploits10References7
OSV
OSV
added 2024/11/06 9:15 p.m.2 views

UBUNTU-CVE-2024-50340

symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the registerargvargc php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment or debug mode used by...

7.3CVSS5.8AI score0.63422EPSS
Exploits0References6
Snyk
Snyk
added 2024/11/06 12:41 p.m.1 views

Access Restriction Bypass

Overview symfony/symfony is a PHP framework for web applications and a set of reusable PHP components. Affected versions of this package are vulnerable to Access Restriction Bypass when constructing functions in SymfoyRuntime.php, which allows the user to change environment or debug mode by...

7.3CVSS7AI score0.63422EPSS
Exploits0References2
Citrix
Citrix
added 2024/10/16 12:0 a.m.27 views

"An Account is not Configured" Displayed On Startup when AllowAddStore is set to N in Registry

Citrix Workspace app for Windows is being configured via command line arguments and then launched programmatically The following error is displayed: An Account is not Configured. Please contact your administrator...

7.3AI score
Exploits0
GithubExploit
GithubExploit
added 2024/09/26 11:21 p.m.443 views

Exploit for CVE-2024-9166

CVE-2024-9166 Vulnerability Scanner A Python-based tool to sca...

9.3CVSS7.2AI score0.01578EPSS
Exploits2
NVD
NVD
added 2024/09/25 4:15 p.m.18 views

CVE-2024-7421

An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included in command-line arguments when launching WinSCP sessions...

5.5CVSS0.00152EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/25 3:12 p.m.19 views

CVE-2024-7421

An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included in command-line arguments when launching WinSCP sessions...

0.00152EPSS
Exploits0References1
CVE
CVE
added 2024/09/25 3:12 p.m.78 views

CVE-2024-7421

The vulnerability CVE-2024-7421 affects Devolutions Remote Desktop Manager (versions up to 2024.2.20.0) on Windows. The issue is an information exposure where credentials used for WinSCP sessions can be retrieved by local attackers who can access system logs, via passwords found in command-line a...

5.5CVSS6.5AI score0.00152EPSS
Exploits0References1Affected Software1
GithubExploit
GithubExploit
added 2024/08/28 8:57 a.m.296 views

Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft

IPv6 Vulnerability Packet Sender for Memory Corruption CVE-...

9.8CVSS7.7AI score0.70564EPSS
Exploits24
Rows per page
Query Builder