CVE-2026-43096

A flaw was found in the Linux kernel's mshv component. A malicious guest operating system could exploit this by attempting to write to read-only memory regions or execute code in non-executable regions. This can lead to an infinite fault loop, causing the virtual CPU vCPU to spin indefinitely and...

CVE-2026-43096

In the Linux kernel mshv component, CVE-2026-43096 patches an infinite fault loop caused by permission-denied GPA intercepts. The issue occurred when guest access to memory regions triggered remaps for all faults on movable regions, even if access type wasn’t permitted, causing a re-fault and vCP...

buffer-overflow

Buffer Overflow Overview This repository contains educatio...

CVE-2026-22584

Improper Control of Generation of Code 'Code Injection' vulnerability in Salesforce Uni2TS on MacOS, Windows, Linux allows Leverage Executable Code in Non-Executable Files.This issue affects Uni2TS: through 1.2.0...

Salesforce Uni2TS has a Code Injection vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Salesforce Uni2TS on MacOS, Windows, Linux allows Leverage Executable Code in Non-Executable Files.This issue affects Uni2TS: through 1.2.0...

EUVD-2026-1841

Improper Control of Generation of Code 'Code Injection' vulnerability in Salesforce Uni2TS on MacOS, Windows, Linux allows Leverage Executable Code in Non-Executable Files.This issue affects Uni2TS: through 1.2.0...

CVE-2026-22584

Improper Control of Generation of Code 'Code Injection' vulnerability in Salesforce Uni2TS on MacOS, Windows, Linux allows Leverage Executable Code in Non-Executable Files.This issue affects Uni2TS: through 1.2.0...

CVE-2025-67707

ArcGIS Server versions 11.5 and earlier on Windows and Linux do not sufficiently validate uploaded files, enabling a remote unauthenticated attacker to upload arbitrary files to the server’s designated upload directories. However, the server’s architecture enforces controls that restrict uploaded...

CVE-2025-67706

ArcGIS Server versions 11.5 and earlier on Windows and Linux do not sufficiently validate uploaded files, enabling a remote unauthenticated attacker to upload arbitrary files to the server’s designated upload directories. However, the server’s architecture enforces controls that restrict uploaded...

EUVD-2010-1479

Malware in sbrugna...

EUVD-2017-16796

Malware in sbrugna...

PT-2024-10570 · Qualcomm · Qsee

Name of the Vulnerable Software and Affected Versions: QSEE affected versions not specified Description: The issue is related to the QSEE experiencing a fatal error during execution. This error occurs due to speculative instruction fetches from device memory, which is not valid executable memory...

PYSEC-2024-220

Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves Cross-Site Scripting XSS on any Gradio server that allows file uploads. Authenticated users can upload files such as HTML, JavaScript, or SVG files containing malicious scripts. When other users...

kernel: Executable Space Protection Bypass

A vulnerability was found in the Linux kernel when certain binary files have the exec-all attribute with gcc. This issue can cause the execution of bytes located in the non-executable regions of a file...

kernel: Executable Space Protection Bypass

A vulnerability was found in the Linux kernel when certain binary files have the exec-all attribute with gcc. This issue can cause the execution of bytes located in the non-executable regions of a file...

kernel: Executable Space Protection Bypass

A vulnerability was found in the Linux kernel when certain binary files have the exec-all attribute with gcc. This issue can cause the execution of bytes located in the non-executable regions of a file...

NetIQ/Microfocus Performance Endpoint v5.1 - remote root/SYSTEM exploit

/ Exploit Title: NetIQ/Microfocus Performance Endpoint v5.1 - remote root/SYSTEM exploit Date: Jun 2007 Exploit Author: mu-b Vendor Homepage: https://www.microfocus.com/en-us/cyberres/identity-access-management Version: All Tested on: Windows / Solaris x86/SPARC CVE : 0day endpoint-pown-uni.c...

SUSE CVE-2017-7821

A vulnerability where WebExtensions can download and attempt to open a file of some non-executable file types. This can be triggered without specific user interaction for the file download and open actions. This could be used to trigger known vulnerabilities in the programs that handle those...

SUSE CVE-2022-25265

In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 e.g., with GCC 3.2.2 and Linux kernel 2.4.20. This can cause execution of bytes located in supposedly non-executable regions of a file...

In the Linux kernel through 5.16.10 certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g. with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a file.

...