448 matches found
Astra Linux – Vulnerability in binutils
The getcount function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service malloc calls with an integer overflow result or potentially have unspecified other impacts through a crafted string, as demonstrated by c++filt...
PT-2026-32504
CVE-2026-31048 An issue in the codepickle/code protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message. https://t.co/9RAOHY9pwL...
CVE-2026-31059
CVE-2026-31059 affects UTT Aggressive HiPER 520W with software version v3v1.7.7-180627, where the /goform/formDia component is vulnerable to remote command execution. The root cause is not explicitly detailed in the provided documents, but an attacker can craft input to execute arbitrary commands...
CVE-2026-31059
A remote command execution RCE vulnerability in the /goform/formDia component of UTT Aggressive HiPER 520W v3v1.7.7-180627 allows attackers to execute arbitrary commands via a crafted string...
CVE-2026-34938
PraisonAI is a multi-agent teams system. Prior to version 1.5.90, executecode in praisonai-agents runs attacker-controlled Python inside a three-layer sandbox that can be fully bypassed by passing a str subclass with an overridden startswith method to the safegetattr wrapper, achieving arbitrary ...
EUVD-2026-15043
An integer overflow was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3. Processing a maliciously crafted string may lead to heap corruption...
CVE-2022-26272
A remote code execution RCE vulnerability in Ionize v1.0.8.1 allows attackers to execute arbitrary code via a crafted string written to the file application/config/config.php...
CVE-2008-7229
GreenSQL Firewall greensql-fw before 0.9.2 allows remote attackers to bypass SQL injection protection via a crafted string, possibly involving an encoded space character %20...
CVE-2023-40703
Mattermost fails to properly limit the characters allowed in different fields of a block in Mattermost Boards allowing a attacker to consume excessive resources, possibly leading to Denial of Service, by patching the field of a block using a specially crafted string...
CVE-2025-61489
A command injection vulnerability in the shellexec function of sonirico mcp-shell v0.3.1 allows attackers to execute arbitrary commands via supplying a crafted command string...
CVE-2025-61489
A command injection vulnerability in the shellexec function of sonirico mcp-shell v0.3.1 allows attackers to execute arbitrary commands via supplying a crafted command string...
CVE-2025-61489
Affects: sonirico mcp-shell v0.3.1. Issue: command injection in the shell_exec function allows an attacker to execute arbitrary commands by supplying a crafted command string. Details across sources confirm the vulnerable component and the root cause as a shell_exec command handling flaw. Impact:...
EUVD-2017-6428
Malware in sbrugna...
EUVD-2014-6318
Malware in sbrugna...
EUVD-2016-5991
Malware in sbrugna...
EUVD-2015-7588
Malware in sbrugna...
EUVD-2012-4012
Malware in sbrugna...
EUVD-2005-4582
Malware in sbrugna...
EUVD-2021-26296
Malware in sbrugna...
EUVD-2005-2961
Malware in sbrugna...