2392 matches found
CVE-2002-2313
Eudora email client 5.1.1, with "use Microsoft viewer" enabled, allows remote attackers to execute arbitrary programs via an HTML email message containing a META refresh tag that references an embedded .mhtml file with ActiveX controls that execute a second embedded program, which is processed by...
CVE-2002-2401
NT Virtual DOS Machine NTVDM.EXE in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs...
CVE-2002-2063
AtGuard 3.2 allows remote attackers to bypass firewall filters and execute prohibited programs by changing the filenames to permitted filenames...
CVE-1999-0177
The uploader program in the WebSite web server allows a remote attacker to execute arbitrary programs...
SUSE CVE-2025-37948
In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. On exit from a BPF program, emit the BHB...
CVE-2025-37963
In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users Support for eBPF programs loaded by unprivileged users is typically disabled. This means only cBPF programs need to be mitigated for BHB. In addition, only...
CVE-2025-37948
In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. On exit from a BPF program, emit the BHB...
CVE-2025-37963 arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users
In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users Support for eBPF programs loaded by unprivileged users is typically disabled. This means only cBPF programs need to be mitigated for BHB. In addition, only...
CVE-2025-37963
CVE-2025-37963 affects the Linux kernel on arm64 in the BPF subsystem. The vulnerability arises in the mitigation scope for eBPF: only cBPF programs loaded by unprivileged users are mitigated, as support for unprivileged eBPF is typically disabled and privileged users can still load the same prog...
CVE-2025-37948 arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs
In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. On exit from a BPF program, emit the BHB...
CVE-2025-46836 net-tools Stack-based Buffer Overflow vulnerability
net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. In versions up to and including 2.10, the Linux network utilities like ifconfig from the net-tools package do not properly validate the structure of /proc files when...
Securing P4 Programs by Information Flow Control
Software-Defined Networking (SDN) has transformed network architectures by decoupling the control and data planes, enabling fine-grained control over packet processing and forwarding. P4, a language designed for programming data-plane devices, allows developers to define custom packet processing...
CVE-2025-43010
CVE-2025-43010 affects SAP S/4HANA Cloud Private Edition or on Premise (SCM Master Data Layer). An authenticated attacker with SAP standard authorization can remotely execute a function module and replace arbitrary ABAP programs due to lack of input validation and missing authorization checks. Re...
PT-2025-20822 · Sap · Sap S/4Hana Cloud Private Edition +1
Name of the Vulnerable Software and Affected Versions: SAP S/4HANA Cloud Private Edition (affected versions not specified). Description: The issue allows an authenticated attacker with SAP standard authorization to execute a certain function module remotely and replace arbitrary ABAP programs,...
Recognizing Excellence: Rapid7’s Kelly Hiscoe and Heather DeMartini Honored as CRN’s 2025 Women of the Channel
We are thrilled to announce that two outstanding Rapid7 team members, Kelly Hiscoe and Heather DeMartini, have been recognized as CRN's 2025 Women of the Channel. This prestigious recognition honors innovative and strategic leaders that demonstrate commitment to advancing channel excellence and...
Python-Programs Encryption Issue Vulnerability
Python-Programs is a collection of Python applications by the individual developer Shashikant Singh. Python-Programs suffers from an encryption issue vulnerability that stems from insufficient encryption strength, which could lead to a brute force cracking attack...
RLSA-2024:0894 Moderate: mysql:8.0 security update
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. Security Fixes: mysql: InnoDB unspecified vulnerability (CPU Apr 2023) (CVE-2023-21911); mysql: Server: DDL unspecified vulnerability (CPU Apr 2023)...
Ensure That Common Users Run Privileged Programs Using the sudo Command
The sudo command enables a specified common user to execute certain programs with root permission. Most system management commands need to be executed by the root user. Properly authorizing other users can reduce the burden on the system administrator. However,...
UBUNTU-CVE-2024-58100
In the Linux kernel, the following vulnerability has been resolved: bpf: check changes_pkt_data property for extension programs. When processing calls to global sub-programs, verifier decides whether to invalidate all packet pointers in current state depending on the changes_pkt_data property of the...