17 matches found
CVE-2025-68162
In JetBrains TeamCity before 2025.11 maven embedder allowed loading extensions via project configuration...
JetBrains TeamCity Security Vulnerability
JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides features such as continuous unit testing, code quality analysis and build issue analysis reports. A security vulnerability exists in JetBrains TeamCity...
EUVD-2015-6984
Malware in sbrugna...
[SECURITY] Fedora 41 Update: sqlite-3.46.1-5.fc41
SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...
[SECURITY] Fedora 42 Update: sqlite-3.47.2-5.fc42
SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...
CLSA-2025-1738696117 php: Fix of CVE-2024-8929
CVE-2024-8929: fix various heap buffer over-reads for mysqlnd - Modify spec and run-tests.php to fix extension loading during testing...
DEBIAN-CVE-2024-47881
OpenRefine is a free, open source tool for working with messy data. Starting in version 3.4-beta and prior to version 3.8.3, in the database extension, the "enableloadextension" property can be set for the SQLite integration, enabling an attacker to load local or remote extension DLLs and so run...
PT-2023-27436 · Apple · Macos Sonoma +1
Name of the Vulnerable Software and Affected Versions: macOS Sonoma versions prior to 14.1 Description: A use-after-free issue was addressed with improved memory management, allowing an app to potentially execute arbitrary code with kernel privileges. Recommendations: For macOS Sonoma versions...
CVE-2020-15271
In lookatme python/pypi package versions prior to 2.3.0, the package automatically loaded the built-in "terminal" and "fileloader" extensions. Users that use lookatme to render untrusted markdown may have malicious shell commands automatically run on their system. This is fixed in version 2.3.0. ...
CVE-2019-3567
In some configurations an attacker can inject a new executable path into the extensions.load file for osquery and hard link a parent folder of a malicious binary to a folder with known 'safe' permissions. Under those circumstances osquery will load said malicious executable with SYSTEM permission...
MacOS Zero Day Allows Trusted Apps to Run Malicious Code
A researcher has revealed a zero-day flaw in Apple’s Mojave operating system tied to the way the OS verifies apps. The bug allows attackers to sneak past macOS security measures and run whitelisted apps that have been manipulated to run malicious code. macOS researcher Patrick Wardle revealed the...
OpenCart Arbitrary Code Execution Vulnerability
OpenCart is an open source e-commerce system from OpenCart China. The system provides product reviews, product ratings, product additions and other modules. A security vulnerability exists in the 'Program Extension Loading' feature in OpenCart 3.0.2.0 and earlier versions. An attacker can exploi...
Mozilla Firefox Information Disclosure Vulnerability (CNVD-2018-02236)
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 58, where the Developer Tools panel in an extension is used to load URLs, but the program does not enforce this process in al...
Apple OS X Kernel Extended Load Verification Bypass Vulnerability
Apple OS X is an operating system developed by Apple Inc. An authentication bypass vulnerability exists in Apple OS X kernel extension loading, which allows attackers to exploit the vulnerability to execute arbitrary code with kernel privileges...
CVE-2015-7052
kext tools in Apple OS X before 10.11.2 mishandles kernel-extension loading, which allows local users to gain privileges via unspecified vectors...
CVE-2015-7052
kext tools in Apple OS X before 10.11.2 mishandles kernel-extension loading, which allows local users to gain privileges via unspecified vectors...
CVE-2015-7052
CVE-2015-7052 affects Apple OS X before 10.11.2 where kext tools mishandle kernel-extension loading, enabling local users to gain privileges via unspecified vectors. The vulnerability stems from the kernel-extension loading path, with an update shipped in OS X 10.11.2 to mitigate. Practical impac...