Erlang/OTP (Erlang OTP) Multiple Vulnerabilities (Sep 2025) - Windows

Erlang/OTP Erlang OTP is prone to multiple vulnerabilities in the SSH component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

sh: push-switch: Reorder cleanup operations to avoid use-after-free bug

...

PT-2024-34540 · Unknown · Laravel Cms

Name of the Vulnerable Software and Affected Versions: Laravel CMS versions 1.4.7 and earlier Description: The issue allows a remote attacker to execute arbitrary code via the shell.php component. This is made possible by a file upload vulnerability. Recommendations: For Laravel CMS versions 1.4....

PT-2022-3917 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient input validation in the Windows Shell component, allowing remote attackers to execute arbitrary code and affect the system. Recommendations: At the...

CVE-2020-0870

An elevation of privilege vulnerability exists when the Shell infrastructure component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit this vulnerability, an attacker would first have to log on ...

PT-2018-3902 · Oracle +1 · Mysql Server

Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 8.0.11 and prior Description: The issue is related to insufficient access control in the MySQL Server component, specifically in the Shell: Core / Client subcomponent. This allows an attacker with low privileges and logo...

UBUNTU-CVE-2016-3833

The Shell component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not properly manage the MANAGEUSERS and CREATEUSERS permissions, which allows attackers to bypass intended access restrictions via a crafted application, aka internal bug 29189712...

Design/Logic Flaw

The Shell component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not properly manage the MANAGEUSERS and CREATEUSERS permissions, which allows attackers to bypass intended access restrictions via a crafted application, aka internal bug 29189712...

CVE-2016-3833

The Shell component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not properly manage the MANAGEUSERS and CREATEUSERS permissions, which allows attackers to bypass intended access restrictions via a crafted application, aka internal bug 29189712...

CVE-2016-3833

The CVE-2016-3833 entry describes a privilege-elevation issue in the Android Shell. The Shell component in Android versions 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not properly manage the MANAGE_USERS and CREATE_USERS permissions, allowing a crafted application to b...

Microsoft Windows Shell MSHTA Script Execution in OLE Files (MS05-016) - Ver2 (CVE-2005-0063)

The Windows operating system provides facilities that make it possible to invoke different applications to handle different types of files. This makes it possible for a user to double click on a known image type file, for instance, and by that action launch the proper application to display or ed...

Microsoft Windows LNK File Shell Buffer Overflow (MS05-049; CVE-2005-2122)

The Microsoft Windows operating system provides a facility to create soft links to files on the file system which are referred to as shortcuts. A shortcut file may be created for any kind of file, binary executables, text files, or any other miscellaneous file types. Shortcut files are created wi...