1567 matches found
EUVD-2020-30941
RM Downloader 2.50.60 contains a local buffer overflow vulnerability in the 'Load' parameter that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payload with an egg hunter technique to bypass memory protections and execute commands like launching...
CVE-2020-37042
Frigate Professional 3.36.0.9 contains a local buffer overflow vulnerability in the 'Find Computer' feature that allows attackers to execute arbitrary code by overflowing the computer name input field. Attackers can craft a malicious payload that triggers a buffer overflow, enabling code executio...
CVE-2020-37031
Simple Startup Manager 1.17 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting memory through the 'File' input parameter. Attackers can craft a malicious payload with 268 bytes to trigger code execution, bypassing DEP and overwriting memo...
CVE-2020-37036
RM Downloader 2.50.60 contains a local buffer overflow vulnerability in the 'Load' parameter that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payload with an egg hunter technique to bypass memory protections and execute commands like launching...
CVE-2020-37031
Simple Startup Manager 1.17 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting memory through the 'File' input parameter. Attackers can craft a malicious payload with 268 bytes to trigger code execution, bypassing DEP and overwriting memo...
CVE-2026-23953
Incus is a system container and virtual machine manager. In versions 6.20.0 and below, a user with the ability to launch a container with a custom YAML configuration e.g a member of the ‘incus’ group can create an environment variable containing newlines, which can be used to add additional...
January 17, 2026—KB5077797 (OS Build 22631.6494) Out-of-band
January 17, 2026—KB5077797 OS Build 22631.6494 Out-of-band This out-of-band update for Windows 11, version 23H2 KB5077797 is cumulative. It includes updates from previous security releases, along with an additional fix. To learn more about differences between security updates, optional...
CVE-2026-0500 Remote code execution in SAP Wily Introscope Enterprise Manager (WorkStation)
Due to the usage of vulnerable third party component in SAP Wily Introscope Enterprise Manager WorkStation, an unauthenticated attacker could create a malicious JNLP Java Network Launch Protocol file accessible by a public facing URL. When a victim clicks on the URL the accessed Wily Introscope...
MiracleLinux 7 : gnome-shell-3.28.3-34.0.2.el7.AXS7 (AXSA:2025-9565:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-9565:01 advisory. CVE-2024-36472: fix portal helper from launching automatically based on network responses to prevent loading untrusted JavaScript code CVEs: CVE-2024-36472 I...
CVE-2023-40079
In injectSendIntentSender of ShortcutService.java, there is a possible background activity launch due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-40109
In createFromParcel of UsbConfiguration.java, there is a possible background activity launch BAL due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2023-40095
In createDontSendToRestrictedAppsBundle of PendingIntentUtils.java, there is a possible background activity launch due to a missing check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2021-0608
In handleAppLaunch of AppLaunchActivity.java, there is a possible arbitrary activity launch due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2019-2173
In startActivityMayWait of ActivityStarter.java, there is a possible incorrect Activity launch due to an incorrect permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2019-20533
An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 released in China or India software. The S Secure app can launch masked apps without a password. The Samsung ID is SVE-2019-13996 December 2019...
CVE-2020-12642
An issue was discovered in service-api before 4.3.12 and 5.x before 5.1.1 for Report Portal. It allows XXE, with resultant secrets disclosure and SSRF, via JUnit XML launch import...
Soda PDF Desktop Code Execution Vulnerability
Soda PDF Desktop is a professional PDF processing software that integrates reading, editing, creating, converting and managing PDF documents. A code execution vulnerability exists in Soda PDF Desktop, which stems from the implementation of a Launch action that allows the execution of dangerous...
CVE-2025-15464
Exported Activity allows external applications to gain application context and directly launch Gmail with inbox access, bypassing security controls...
Malicious code in brolool4141412 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 26b5ad1d170ede931c108f8a9d4342347b2983ae9fc5330b25ddb1dcc4132eb7 Package tests possible malicious actions during installation by starting notepad. There is no other functionality, it's clearly a test of possible malicious...
MAL-2025-192989 Malicious code in brolool4141412 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 26b5ad1d170ede931c108f8a9d4342347b2983ae9fc5330b25ddb1dcc4132eb7 Package tests possible malicious actions during installation by starting notepad. There is no other functionality, it's clearly a test of possible malicious...