Lucene search
K

1567 matches found

EUVD
EUVD
added 2026/01/31 12:30 a.m.5 views

EUVD-2020-30941

RM Downloader 2.50.60 contains a local buffer overflow vulnerability in the 'Load' parameter that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payload with an egg hunter technique to bypass memory protections and execute commands like launching...

8.4CVSS6.4AI score0.00201EPSS
Exploits0References5
NVD
NVD
added 2026/01/30 11:16 p.m.6 views

CVE-2020-37042

Frigate Professional 3.36.0.9 contains a local buffer overflow vulnerability in the 'Find Computer' feature that allows attackers to execute arbitrary code by overflowing the computer name input field. Attackers can craft a malicious payload that triggers a buffer overflow, enabling code executio...

8.4CVSS0.00188EPSS
Exploits0References3
NVD
NVD
added 2026/01/30 11:16 p.m.5 views

CVE-2020-37031

Simple Startup Manager 1.17 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting memory through the 'File' input parameter. Attackers can craft a malicious payload with 268 bytes to trigger code execution, bypassing DEP and overwriting memo...

8.6CVSS0.00161EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/30 10:7 p.m.4 views

CVE-2020-37036

RM Downloader 2.50.60 contains a local buffer overflow vulnerability in the 'Load' parameter that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payload with an egg hunter technique to bypass memory protections and execute commands like launching...

8.4CVSS6.4AI score0.00201EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/01/30 10:7 p.m.3 views

CVE-2020-37031

Simple Startup Manager 1.17 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting memory through the 'File' input parameter. Attackers can craft a malicious payload with 268 bytes to trigger code execution, bypassing DEP and overwriting memo...

8.6CVSS6.4AI score0.00161EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/22 9:39 p.m.4 views

CVE-2026-23953

Incus is a system container and virtual machine manager. In versions 6.20.0 and below, a user with the ability to launch a container with a custom YAML configuration e.g a member of the ‘incus’ group can create an environment variable containing newlines, which can be used to add additional...

8.7CVSS6AI score0.00471EPSS
Exploits1References5Affected Software1
Microsoft KB
Microsoft KB
added 2026/01/17 12:0 a.m.32 views

January 17, 2026—KB5077797 (OS Build 22631.6494) Out-of-band

January 17, 2026—KB5077797 OS Build 22631.6494 Out-of-band ​​​​This out-of-band update for Windows 11, version 23H2 KB5077797 is cumulative. It includes updates from previous security releases, along with an additional fix. To learn more about differences between security updates, optional...

5.6AI score
Exploits0
Cvelist
Cvelist
added 2026/01/13 1:13 a.m.27 views

CVE-2026-0500 Remote code execution in SAP Wily Introscope Enterprise Manager (WorkStation)

Due to the usage of vulnerable third party component in SAP Wily Introscope Enterprise Manager WorkStation, an unauthenticated attacker could create a malicious JNLP Java Network Launch Protocol file accessible by a public facing URL. When a victim clicks on the URL the accessed Wily Introscope...

9.6CVSS0.00351EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.6 views

MiracleLinux 7 : gnome-shell-3.28.3-34.0.2.el7.AXS7 (AXSA:2025-9565:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-9565:01 advisory. CVE-2024-36472: fix portal helper from launching automatically based on network responses to prevent loading untrusted JavaScript code CVEs: CVE-2024-36472 I...

6.5CVSS6.7AI score0.00299EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 12:31 p.m.6 views

CVE-2023-40079

In injectSendIntentSender of ShortcutService.java, there is a possible background activity launch due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.1AI score0.00127EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:30 p.m.8 views

CVE-2023-40109

In createFromParcel of UsbConfiguration.java, there is a possible background activity launch BAL due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

7.8CVSS7.1AI score0.00186EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:30 p.m.7 views

CVE-2023-40095

In createDontSendToRestrictedAppsBundle of PendingIntentUtils.java, there is a possible background activity launch due to a missing check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.1AI score0.00126EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:18 a.m.5 views

CVE-2021-0608

In handleAppLaunch of AppLaunchActivity.java, there is a possible arbitrary activity launch due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

7.8CVSS6.9AI score0.00117EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:15 a.m.7 views

CVE-2019-2173

In startActivityMayWait of ActivityStarter.java, there is a possible incorrect Activity launch due to an incorrect permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS7AI score0.00161EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:8 a.m.9 views

CVE-2019-20533

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 released in China or India software. The S Secure app can launch masked apps without a password. The Samsung ID is SVE-2019-13996 December 2019...

3.3CVSS7AI score0.00118EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:57 a.m.8 views

CVE-2020-12642

An issue was discovered in service-api before 4.3.12 and 5.x before 5.1.1 for Report Portal. It allows XXE, with resultant secrets disclosure and SSRF, via JUnit XML launch import...

7.5CVSS6.8AI score0.01349EPSS
Exploits0References1
CNVD
CNVD
added 2026/01/09 12:0 a.m.3 views

Soda PDF Desktop Code Execution Vulnerability

Soda PDF Desktop is a professional PDF processing software that integrates reading, editing, creating, converting and managing PDF documents. A code execution vulnerability exists in Soda PDF Desktop, which stems from the implementation of a Launch action that allows the execution of dangerous...

7.8CVSS6.5AI score0.00209EPSS
Exploits0References1
OSV
OSV
added 2026/01/08 9:15 p.m.8 views

CVE-2025-15464

Exported Activity allows external applications to gain application context and directly launch Gmail with inbox access, bypassing security controls...

7.5CVSS5.8AI score0.00466EPSS
Exploits1References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/31 11:55 a.m.6 views

Malicious code in brolool4141412 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 26b5ad1d170ede931c108f8a9d4342347b2983ae9fc5330b25ddb1dcc4132eb7 Package tests possible malicious actions during installation by starting notepad. There is no other functionality, it's clearly a test of possible malicious...

7.5AI score
Exploits0References1
OSV
OSV
added 2025/12/31 11:55 a.m.3 views

MAL-2025-192989 Malicious code in brolool4141412 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 26b5ad1d170ede931c108f8a9d4342347b2983ae9fc5330b25ddb1dcc4132eb7 Package tests possible malicious actions during installation by starting notepad. There is no other functionality, it's clearly a test of possible malicious...

7.3AI score
Exploits0References1
Rows per page
Query Builder