CVE-2026-55697

pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm can install configDependencies declared in pnpm-workspace.yaml before command dispatch. Before the patch, a repository could declare pacquet or @pnpm/pacquet as a config dependency and pnpm treated that repository-controlled dependency ...

CVE-2026-55697

pnpm is vulnerable prior to 10.34.2 and 11.5.3: repository‑controlled configDependencies in pnpm-workspace.yaml could cause pnpm to install a repository‑controlled install‑engine (pacquet) by resolving a platform‑specific @pacquet/-/pacquet binary from node_modules/.pnpm-config and spawning it as...

CVE-2026-55697

pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm can install configDependencies declared in pnpm-workspace.yaml before command dispatch. Before the patch, a repository could declare pacquet or @pnpm/pacquet as a config dependency and pnpm treated that repository-controlled dependency ...

EUVD-2014-4212

Malware in sbrugna...

EUVD-2014-4206

Malware in sbrugna...

CVE-2014-4283

Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality via unknown vectors related to Automated Install Engine, a different vulnerability than CVE-2014-4277...

Design/Logic Flaw

Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality via unknown vectors related to Automated Install Engine, a different vulnerability than CVE-2014-4277...

Design/Logic Flaw

Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality via unknown vectors related to Automated Install Engine, a different vulnerability than CVE-2014-4283...

CVE-2014-4283

Technical details about CVE-2014-4283 are not publicly disclosed in the provided documents. Monitor for updates.

CVE-2014-4283

Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality via unknown vectors related to Automated Install Engine, a different vulnerability than CVE-2014-4277...

Internet Explorer Install Engine Buffer Overflow (CVE-2004-0216)

Microsoft Internet Explorer is a popular web browser bundled with the Microsoft Windows operating system. The browser is capable of communicating with HTTP and HTTPS compliant servers. The browser also has the capability to launch locally-installed libraries, or ActiveX controls, embedded in web...

CVE-2004-0216

Integer overflow in the Install Engine inseng.dll for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overflow when calculating a buffer length and leads to a heap-bas...

CVE-2004-0216

CVE-2004-0216 is an Install Engine vulnerability in Internet Explorer (inseng.dll) affecting IE 5.01, 5.5, and 6. It enables remote code execution when a user opens a malicious website or HTML email containing a long CAB file name, triggering an integer/buffer length overflow in the Install Engin...

Microsoft Internet Explorer Install Engine contains a buffer overflow vulnerability

Overview The Active Setup Install Engine in Microsoft Internet Explorer contains a buffer overflow vulnerability. This may allow an attacker to take complete control of a vulnerable system. Description The Active Setup Install Engine inseng.dll permits cabinet files to be launched and executed...