PT-2025-50197

Name of the Vulnerable Software and Affected Versions Windows Shell affected versions not specified Description A flaw in Windows Shell related to concurrent execution using a shared resource with improper synchronization, specifically a race condition, can allow a locally authenticated attacker ...

CVE-2025-11953

The Metro Development Server, which is opened by the React Native Community CLI, binds to external interfaces by default. The server exposes an endpoint that is vulnerable to OS command injection. This allows unauthenticated network attackers to send a POST request to the server and run arbitrary...

EUVD-2014-1881

Malware in sbrugna...

EUVD-2019-9636

Malware in sbrugna...

EUVD-2000-0659

Malware in sbrugna...

EUVD-2015-2558

Malware in sbrugna...

EUVD-2022-35428

Malicious code in bioql PyPI...

EUVD-2023-2412

Malicious code in bioql PyPI...

EUVD-2025-10156

Malicious code in bioql PyPI...

EUVD-2025-17769

Malicious code in bioql PyPI...

EUVD-2024-40308

Malicious code in bioql PyPI...

EUVD-2025-20571

Malicious code in bioql PyPI...

BIT-LIBPHP-2024-5585 Command injection via array-ish $command parameter of proc_open() (bypass CVE-2024-1874 fix)

In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, the fix for CVE-2024-1874 does not work if the command name includes trailing spaces. Original issue: when using procopen command with array syntax, due to insufficient escaping, if the arguments of the executed command ar...

BIT-LIBPHP-2024-1874 Command injection via array-ish $command parameter of proc_open()

In PHP versions 8.1. before 8.1.28, 8.2. before 8.2.18, 8.3. before 8.3.5, when using procopen command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands ...

CVE-2025-49679

Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally...

CVE-2025-49679

Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally...

CVE-2025-49679

Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally...

CVE-2025-49679 Windows Shell Elevation of Privilege Vulnerability

...

CVE-2025-49679 Windows Shell Elevation of Privilege Vulnerability

...

CVE-2025-49679

Technical details about CVE-2025-49679 (affected product/module, root cause, impact, and remediation) are not publicly provided in the supplied documents. Monitor for official updates from Microsoft (KB/SSU) and ENISA EUVD for specifics.