CVE-2026-47092

Claude HUD through 0.0.12, patched in commit 234d9aa, contains a command injection vulnerability that allows local attackers to execute arbitrary commands by manipulating the COMSPEC environment variable. Attackers can set COMSPEC to an arbitrary binary path before claude-hud performs its version...

PT-2026-27306

sbt 1.12.7 is released, featuring a security fix for CVE-2026-32948, Source dependency feature via crafted VCS URL leading to arbitrary code execution on Windows...

CVE-2021-47881 dataSIMS Avionics ARINC 664-1 - Local Buffer Overflow

dataSIMS Avionics ARINC 664-1 version 4.5.3 contains a local buffer overflow vulnerability that allows attackers to overwrite memory by manipulating the milstd1553result.txt file. Attackers can craft a malicious file with carefully constructed payload and alignment sections to potentially execute...

CVE-2021-47881

dataSIMS Avionics ARINC 664-1 version 4.5.3 contains a local buffer overflow vulnerability that allows attackers to overwrite memory by manipulating the milstd1553result.txt file. Attackers can craft a malicious file with carefully constructed payload and alignment sections to potentially execute...

CVE-2021-47881

CVE-2021-47881 affects dataSIMS Avionics ARINC 664-1, version 4.5.3. A local buffer overflow can be triggered by manipulating the milstd1553result.txt file, with a crafted payload and alignment sections potentially allowing arbitrary code execution on Windows. The CVSS indicates high impact on av...

CVE-2025-53000 nbconvert has an uncontrolled search path that leads to unauthorized code execution on Windows

The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution...

EUVD-2018-20788

Malware in sbrugna...

EUVD-2011-0191

Malware in sbrugna...

EUVD-2018-17007

Malware in sbrugna...

EUVD-2016-9702

Malware in sbrugna...

EUVD-2011-0148

Malware in sbrugna...

EUVD-2022-38939

Malicious code in bioql PyPI...

EUVD-2022-1304

Malicious code in bioql PyPI...

CVE-2025-23281

NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker with local unprivileged access that can win a race condition might be able to trigger a use-after-free error. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data...

CVE-2024-13976 Commvault 11.20.0 - 11.36.0 Windows Maintenance Installer DLL Injection

A DLL injection vulnerability exists in Commvault for Windows 11.20.0, 11.28.0, 11.32.0, 11.34.0, and 11.36.0. During the installation of maintenance updates, an attacker with local access may exploit uncontrolled search path or DLL loading behavior to execute arbitrary code with elevated...

OESA-2025-1488 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: Thunderbird's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting...

PHP on Windows 8.1.x < 8.1.29 / 8.2.x < 8.2.20 / 8.3.x < 8.3.8 Arbitrary Code Execution (CVE-2024-4577)

The version of PHP: Hypertext Preprocessor detected on the remote Windows host is 8.1.x prior to 8.1.29, 8.2.x prior to 8.2.20, or 8.3.x prior to 8.3.8. It is, therefore, affected by an arbitrary code execution vulnerability: - In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before...

BIT-PHP-MIN-2024-8926 PHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass)

In PHP versions 8.1. before 8.1.30, 8.2. before 8.2.24, 8.3. before 8.3.12, when using a certain non-standard configurations of Windows codepages, the fixes for CVE-2024-4577 https://github.com/advisories/GHSA-vxpp-6299-mxw3 may still be bypassed and the same command injection related to Windows...

PT-2024-5911 · Rust +1 · Rust +1

Name of the Vulnerable Software and Affected Versions: Rust affected versions not specified Description: The issue is related to the std::process::Command component of the Rust programming language on Windows operating systems. It involves the injection or modification of arguments, potentially...

eSignal and eSignal Pro <= 10.6.2425.1208 Multiple Vulnerabilites

No description provided by source. Luigi Auriemma Application: eSignal and eSignal Pro http://www.esignal.com/esignal/default.aspx Versions: = 10.6.2425.1208 Platforms: Windows Bugs: A code execution B heap overflow Exploitation: file Date: 06 Sep 2011 Author: Luigi Auriemma e-mail:...