EUVD-2017-15059

Malware in sbrugna...

EUVD-2018-8339

Malware in sbrugna...

EUVD-2022-1734

Malicious code in bioql PyPI...

CVE-2011-10024

MJM Core Player likely now referred to as MJM Player 2011 is vulnerable to a stack-based buffer overflow when parsing specially crafted .s3m music files. The vulnerability arises from improper bounds checking in the file parser, allowing an attacker to overwrite memory on the stack and execute...

CVE-2011-10023

MJM QuickPlayer also known as MJM Player version 2010 contains a stack-based buffer overflow vulnerability triggered by opening a malicious .s3m music file. The flaw occurs due to improper bounds checking in the file parser, allowing an attacker to overwrite memory and execute arbitrary code...

CVE-2011-10023

CVE-2011-10023 affects MJM QuickPlayer/Player (≈2010) with a stack-based buffer overflow in the .s3m file parser. The flaw stems from improper bounds checking, enabling memory overwrite and arbitrary code execution. Exploitation described uses a crafted payload that bypasses DEP/ASLR via ROP and ...

CVE-2011-10023

MJM QuickPlayer also known as MJM Player version 2010 contains a stack-based buffer overflow vulnerability triggered by opening a malicious .s3m music file. The flaw occurs due to improper bounds checking in the file parser, allowing an attacker to overwrite memory and execute arbitrary code...

CVE-2011-10024

CVE-2011-10024 affects MJM Core Player (2011) where the .s3m file parser has a stack-based buffer overflow due to improper bounds checking. The vulnerability is triggered when a user opens a crafted .s3m file, allowing an attacker to overwrite stack memory and execute arbitrary code. Exploitation...

CVE-2011-10024 MJM Core Player 2011 .s3m File Stack-Based Buffer Overflow

MJM Core Player likely now referred to as MJM Player 2011 is vulnerable to a stack-based buffer overflow when parsing specially crafted .s3m music files. The vulnerability arises from improper bounds checking in the file parser, allowing an attacker to overwrite memory on the stack and execute...

PT-2025-34104

Name of the Vulnerable Software and Affected Versions MJM QuickPlayer version 2010 Description MJM QuickPlayer also known as MJM Player contains a stack-based buffer overflow triggered by opening a malicious .s3m music file. This issue arises from improper bounds checking in the file parser, whic...

PT-2025-23545 · Autodesk · Autodesk Revit

Name of the Vulnerable Software and Affected Versions: Autodesk Revit affected versions not specified Description: A maliciously crafted RFA file, when linked or imported into Autodesk Revit, can force a Use-After-Free issue. This can be leveraged by a malicious actor to cause a crash, read...

CVE-2022-39266

isolated-vm is a library for nodejs which gives the user access to v8's Isolate interface. In versions 4.3.6 and prior, if the untrusted v8 cached data is passed to the API through CachedDataOptions, attackers can bypass the sandbox and run arbitrary code in the nodejs process. Version 4.3.7...

CVE-2019-15349

The Tecno Camon Android device with a build fingerprint of TECNO/H612/TECNO-ID5a:8.1.0/O11019/F-180828V106:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service named...

CVE-2017-8776

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use ASLR/DEP protection mechanisms that provide sufficient defense against directed attacks against the...

CVE-2019-14349

EspoCRM version 5.6.4 is vulnerable to stored XSS due to lack of filtration of user-supplied data in the api/v1/Document functionality for storing documents in the account tab. An attacker can upload a crafted file that contains JavaScript code in its name. This code will be executed when a user...

PT-2025-22418 · Tibco · Tibco Activematrix Administrator

Name of the Vulnerable Software and Affected Versions: TIBCO ActiveMatrix Administrator affected versions not specified Description: The issue allows malicious data to appear as part of the website and run within a user's browser under the privileges of the web application. This is due to a Store...

CVE-2025-0756 Hitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection')

Overview The product receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an identifier for a resource that may be outside the intended sphere of control. CWE-99 Description Hitachi Vantara Pentaho Data Integration &...

CVE-2025-1651

CVE-2025-1651 concerns Autodesk AutoCAD and a vulnerability in parsing a malicious MODEL file that can trigger a Heap-Based Overflow. Affected component: MODEL file parsing in AutoCAD. Root cause: heap overflow during processing of a crafted MODEL file, enabling crash, potential information discl...

CVE-2025-22624

FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry and Carousel 2.4.29 was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/extensions/albums/admin/class-meta boxes.php...

Using Valgrind on Chrome

Brief script that demonstrates running valgrind and afl-fuzz on Google Chrome. This favorite code for security auditing and memory leak detection with Valgrind runs the Valgrind tool and several other tools to check for memory leaks, which can lead to resource buffer overflows and more. Exploit /...