CVE-2022-42934

A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process...

EUVD-2020-30368

Malware in sbrugna...

EUVD-2018-7776

Malware in sbrugna...

EUVD-2020-28807

Malware in sbrugna...

EUVD-2021-20181

Malware in sbrugna...

EUVD-2023-25529

Malicious code in bioql PyPI...

EUVD-2023-0182

Malicious code in bioql PyPI...

CVE-2025-0664

A locally authenticated, privileged user can craft a malicious OpenSSL configuration file, potentially leading the agent to load an arbitrary local library. This may impair endpoint defenses and allow the attacker to achieve code execution with SYSTEM-level privileges...

SugarCRM 14.0.0 - SSRF/Code Injection

Exploit Title : SugarCRM 14.0.0 - SSRF/Code Injection Author: Egidio Romano aka EgiX Email : [email protected] Software Link: https://www.sugarcrm.com Affected Versions: All commercial versions before 13.0.4 and 14.0.1. CVE Reference: CVE-2024-58258 Vulnerability Description: User input passed...

CVE-2025-49526 Illustrator | Out-of-bounds Write (CWE-787)

Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Adobe Bridge Access Uninitialized Pointer Vulnerability

Adobe Bridge is a file viewer from the American company Audobee Adobe. Adobe Bridge suffers from an Access Uninitialized Pointer vulnerability that originates from an integer overflow, which can be exploited by an attacker to execute arbitrary code...

CVE-2025-23253

NVIDIA NvContainer service for Windows contains a vulnerability in its usage of OpenSSL, where an attacker could exploit a hard-coded constant issue by copying a malicious DLL in a hard-coded path. A successful exploit of this vulnerability might lead to code execution, denial of service,...

Drupal 7.15 XML Injection

Drupal version 7.15 proof of concept XML external entity injection exploit that leverages a vulnerability originally discovered in 2012. ============================================================================================================================================= | Title : Drupal...

CVE-2022-2069

The APDFL.dll in Siemens JT2Go prior to V13.3.0.5 and Siemens Teamcenter Visualization prior to V14.0.0.2 contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current...

CVE-2024-47590

An unauthenticated attacker can create a malicious link which they can make publicly available. When an authenticated victim clicks on this malicious link, input data will be used by the web site page generation to create content which when executed in the victim's browser XXS or transmitted to...

PT-2023-36422 · Gnu +2 · Linux +2

Уязвимость функции drm mode setcrtc модуля drivers/gpu/drm/drm crtc.c драйвера DRM ядра операционной системы Linux связана с доступом к неинициализированной динамической памяти. Эксплуатация уязвимости может позволить нарушителю оказать влияние на целостность и доступность информации и выполнить...

Microsoft Edge Chakra JIT - Type Confusion with Hoisted SetConcatStrMultiItemBE Instructions

/ Here's a PoC: / function optstr for let i = 0; i .var s9.var = LdSlot s32s18l53.var s7.var = LdSlot s20s18l51.var s8.var = LdSlot s19s18l52.var s1Object.var = LdA 0x7FFFF47A0000 GlobalObjectObject.var s2.var = LdCAI4 0 0x0.i32 s3.var = LdCAI4 200 0xC8.i32 s4.var = LdCAI4 1 0x1.i32 s5String.var ...

Google Android - libstagefright Integer Overflow Remote Code Execution

!/usr/bin/python2 import cherrypy import os import pwnlib.asm as asm import pwnlib.elf as elf import sys import struct with open'shellcode.bin', 'rb' as tmp: shellcode = tmp.read while lenshellcode % 4 != 0: shellcode += '\x00' heap grooming configuration allocsize = 0x20 groomcount = 0x4 spraysi...

Bloginator 1a - SQL Command Injection via Cookie Bypass Exploit

No description provided by source. Author = FireShot , Jacopo Vuga. Thx to = Osirys for develop the Exploitation Code with me Mail = fireshotatautisticidotorg / osirysatautisticidotorg Vulnerability = SQL Command Injection mq = off Software = Bloginator V1A Download =...

TeamViewer File Opening Insecure Library Loading Vulnerability

This host is installed with TeamViewer and is prone to insecure library loading vulnerability. OpenVAS Vulnerability Test $Id: gbteamviewerinsecurelibloadvuln.nasl 8101 2017-12-13 10:23:10Z teissa $ TeamViewer File Opening Insecure Library Loading Vulnerability Authors: Madhuri D Copyright:...