49 matches found
OESA-2026-2223 perl-Image-ExifTool security update
ExifTool is a Perl module with an included command-line application for reading and writing meta information in image, audio, and video files. It reads EXIF, GPS, IPTC, XMP, JFIF, MakerNotes, GeoTIFF, ICC Profile, Photoshop IRB, FlashPix, AFCP, and ID3 meta information from JPG, JP2, TIFF, GIF,...
Linux Distros Unpatched Vulnerability : CVE-2026-7580
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was detected in Exiftool up to 13.53. Impacted is the function Processmrld of the file lib/Image/ExifTool/GM.pm of the component...
CVE-2026-7580 Exiftool JPEG/QuickTime/MOV/MP4 GM.pm Process_mrld code injection
A vulnerability was detected in Exiftool up to 13.53. Impacted is the function Processmrld of the file lib/Image/ExifTool/GM.pm of the component JPEG/QuickTime/MOV/MP4. The manipulation of the argument -ee results in code injection. Attacking locally is a requirement. Upgrading to version 13.54 i...
EUVD-2019-5484
Malware in sbrugna...
EUVD-2023-23297
Malicious code in bioql PyPI...
EUVD-2025-3730
Malicious code in bioql PyPI...
EUVD-2025-13303
Malicious code in bioql PyPI...
EUVD-2024-47209
Malicious code in bioql PyPI...
EUVD-2022-52387
Malicious code in bioql PyPI...
CVE-2025-57443
FrostWire 6.14.0-build-326 for macOS contains permissive entitlements allow-dyld-environment-variables, disable-library-validation that allow unprivileged local attackers to inject code into the FrostWire process via the DYLDINSERTLIBRARIES environment variable. This allows escalated privileges t...
CVE-2023-1005
A vulnerability was found in JP1016 Markdown-Electron and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to code injection. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Continious delivery...
CVE-2023-1003
A vulnerability, which was classified as critical, was found in Typora up to 1.5.5 on Windows. Affected is an unknown function of the component WSH JScript Handler. The manipulation leads to code injection. An attack has to be approached locally. The exploit has been disclosed to the public and m...
CVE-2021-37207
A vulnerability has been identified in SENTRON powermanager V3 All versions. The affected application assigns improper access rights to a specific folder containing configuration files. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges...
CVE-2019-14242
An issue was discovered in Bitdefender products for Windows Bitdefender Endpoint Security Tool versions prior to 6.6.8.115; and Bitdefender Antivirus Plus, Bitdefender Internet Security, and Bitdefender Total Security versions prior to 23.0.24.120 that can lead to local code injection. A local...
CVE-2025-4218
A vulnerability was found in handrew browserpilot up to 0.2.51. It has been declared as critical. Affected by this vulnerability is the function GPTSeleniumAgent of the file browserpilot/browserpilot/agents/gptseleniumagent.py. The manipulation of the argument instructions leads to code injection...
CVE-2025-24482
A Local Code Injection Vulnerability exists in the product and version listed above. The vulnerability is due to incorrect default permissions and allows for DLLs to be executed with higher level permissions...
CVE-2025-24482 FactoryTalk® View Site Edition - Local Code Injection
A Local Code Injection Vulnerability exists in the product and version listed above. The vulnerability is due to incorrect default permissions and allows for DLLs to be executed with higher level permissions...
CVE-2025-24482
Rockwell Automation FactoryTalk View Site Edition has a Local Code Injection vulnerability due to incorrect default permissions on the remote debugger port, affecting all versions prior to 15.0. Affected functionality includes DLLs being executed with elevated privileges, potentially enabling una...
CVE-2025-24482 FactoryTalk® View Site Edition - Local Code Injection
A Local Code Injection Vulnerability exists in the product and version listed above. The vulnerability is due to incorrect default permissions and allows for DLLs to be executed with higher level permissions...
CVE-2025-24479 FactoryTalk® View Machine Edition - Local Code Injection
A Local Code Execution Vulnerability exists in the product and version listed above. The vulnerability is due to a default setting in Windows and allows access to the Command Prompt as a higher privileged user...