CVE-2023-53940

CVE-2023-53940 affects Codigo Markdown Editor 1.0.1 (Electron). The vulnerability arises from handling of markdown files where an embedded video source with an onerror event can trigger arbitrary shell commands via Node.js child_process, enabling code execution when the file is opened. Public ind...

MAL-2025-142879 Malicious code in geckodriver-process-module-draco (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0b003134420a4f6d79fd4f63c839be965746e5cf508de21a4f403624f0104e7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-113233

Malicious code in geckodriver-process-module-draco npm...

EUVD-2025-24619

Malicious code in bioql PyPI...

CVE-2025-52385

An issue in Studio 3T v.2025.1.0 and before allows a remote attacker to execute arbitrary code via a crafted payload to the childprocess module...

CVE-2025-52385

An issue in Studio 3T v.2025.1.0 and before allows a remote attacker to execute arbitrary code via a crafted payload to the childprocess module...

CVE-2025-52385

An issue in Studio 3T v.2025.1.0 and before allows a remote attacker to execute arbitrary code via a crafted payload to the childprocess module...

CVE-2025-52385

An issue in Studio 3T v.2025.1.0 and before allows a remote attacker to execute arbitrary code via a crafted payload to the childprocess module...

CVE-2025-52385

CVE-2025-52385 affects Studio 3T up to 2025.1.0, with a remote code execution vulnerability via a crafted payload to the child_process module in IntelliShell. The issue arises from improper handling allowing an attacker to run arbitrary code; CVSSv3.1 is reported as 9.8 (CRITICAL) with network at...

PT-2025-33035 · Studio 3T · Studio 3T

Name of the Vulnerable Software and Affected Versions: Studio 3T versions prior to 2025.1.1 Description: An issue allows a remote attacker to execute arbitrary code via a crafted payload to the child process module. Recommendations: Update to version 2025.1.1 or later...

Linux Distros Unpatched Vulnerability : CVE-2024-39473

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension I...

CVE-2024-51736 Command execution hijack on Windows with Process class in symfony/process

Symphony process is a module for the Symphony PHP framework which executes commands in sub-processes. On Windows, when an executable file named cmd.exe is located in the current working directory it will be called by the Process class when preparing command arguments, leading to possible hijackin...

PT-2024-34873 · Unknown · Symphony Php Framework

Name of the Vulnerable Software and Affected Versions: Symphony PHP framework versions prior to 5.4.46 Symphony PHP framework versions prior to 6.4.14 Symphony PHP framework versions prior to 7.1.7 Description: The Symphony process module in the Symphony PHP framework executes commands in...

DEBIAN-CVE-2024-39473

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension If a process module does not have base config extension then the same format applies to all of it's inputs and the process-baseconfigext i...

Entek XM-360 Process Module Specialty I/O

Binary data 754837.prm...

Microsoft Windows Process Module Information

Binary data windowsprocessmoduleinformation.nbin...