Erlang/OTP (Erlang OTP) Multiple Vulnerabilities (Sep 2025) - Windows

Erlang/OTP Erlang OTP is prone to multiple vulnerabilities in the SSH component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

sh: push-switch: Reorder cleanup operations to avoid use-after-free bug

...

PT-2024-34540 · Unknown · Laravel Cms

Name of the Vulnerable Software and Affected Versions: Laravel CMS versions 1.4.7 and earlier Description: The issue allows a remote attacker to execute arbitrary code via the shell.php component. This is made possible by a file upload vulnerability. Recommendations: For Laravel CMS versions 1.4....

The vulnerability in the /sqlite3_aflpp/shell.c component of the SQLite database management system allows a attacker to cause a service failure.

The vulnerability in the /sqlite3aflpp/shell.c component of the SQLite database management system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

Vulnerability of the Shell component: Core/Client system of the Oracle Database Management System, MySQL Server, which allows a hacker to cause a service failure.

Shell component vulnerability: The Core/Client part of the Oracle MySQL Server database management system is vulnerable due to deficiencies in access control. Exploiting this vulnerability could allow an attacker to cause service interruptions...

Shell component vulnerability: The Admin/InnoDB Cluster of the Oracle MySQL Server database management system, which allows attackers to gain full control over the application.

Shell component vulnerability: The Admin/InnoDB Cluster of the Oracle MySQL Server database management system is vulnerable due to insufficient protection for operational data. Exploiting this vulnerability could allow an attacker to gain full control over the application using the MySQL protocol...

Vulnerability of the Shell component: The Core Client for command-line and code editor, Oracle MySQL Shell, allows an attacker to gain access to read, modify, add, or delete data.

The vulnerability of the Shell component: The Core Client for command-line input and the Oracle MySQL Shell code editor have vulnerabilities due to insufficient validation of input data. Exploiting these vulnerabilities can allow attackers to gain read, modify, add, or delete data permissions...

PT-2022-3917 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient input validation in the Windows Shell component, allowing remote attackers to execute arbitrary code and affect the system. Recommendations: At the...

CVE-2020-0870

An elevation of privilege vulnerability exists when the Shell infrastructure component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit this vulnerability, an attacker would first have to log on ...

PT-2018-3902 · Oracle +1 · Mysql Server

Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 8.0.11 and prior Description: The issue is related to insufficient access control in the MySQL Server component, specifically in the Shell: Core / Client subcomponent. This allows an attacker with low privileges and logo...

The vulnerability of the Android operating system, which allows a hacker to circumvent existing access restrictions

The vulnerability of the Shell component in the Android operating system lies in the improper handling of the MANAGEUSERS and CREATEUSERS access control functions. Exploiting this vulnerability allows a malicious actor to circumvent existing access restrictions through a specially created...

CVE-2016-3833

The Shell component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not properly manage the MANAGEUSERS and CREATEUSERS permissions, which allows attackers to bypass intended access restrictions via a crafted application, aka internal bug 29189712...

UBUNTU-CVE-2016-3833

The Shell component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not properly manage the MANAGEUSERS and CREATEUSERS permissions, which allows attackers to bypass intended access restrictions via a crafted application, aka internal bug 29189712...

Design/Logic Flaw

The Shell component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not properly manage the MANAGEUSERS and CREATEUSERS permissions, which allows attackers to bypass intended access restrictions via a crafted application, aka internal bug 29189712...

CVE-2016-3833

The CVE-2016-3833 entry describes a privilege-elevation issue in the Android Shell. The Shell component in Android versions 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not properly manage the MANAGE_USERS and CREATE_USERS permissions, allowing a crafted application to b...

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the Windows Shell component of the Windows operating system is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted web page...

Microsoft Windows Shell MSHTA Script Execution in OLE Files (MS05-016) - Ver2 (CVE-2005-0063)

The Windows operating system provides facilities that make it possible to invoke different applications to handle different types of files. This makes it possible for a user to double click on a known image type file, for instance, and by that action launch the proper application to display or ed...

Microsoft Windows LNK File Shell Buffer Overflow (MS05-049; CVE-2005-2122)

The Microsoft Windows operating system provides a facility to create soft links to files on the file system which are referred to as shortcuts. A shortcut file may be created for any kind of file, binary executables, text files, or any other miscellaneous file types. Shortcut files are created wi...