Microsoft Windows Shell 竞争条件问题漏洞

The Microsoft Windows Shell is the graphical user interface for the Windows operating system from Microsoft Corporation USA.Easily recognizable elements of the Windows shell include features such as the desktop, the taskbar, the start menu, the task switcher, and autoplay. On some versions of...

CVE-2025-11953

The Metro Development Server, which is opened by the React Native Community CLI, binds to external interfaces by default. The server exposes an endpoint that is vulnerable to OS command injection. This allows unauthenticated network attackers to send a POST request to the server and run arbitrary...

EUVD-2015-2558

Malware in sbrugna...

EUVD-2014-1881

Malware in sbrugna...

EUVD-2000-0659

Malware in sbrugna...

EUVD-2019-9636

Malware in sbrugna...

EUVD-2025-10156

Malicious code in bioql PyPI...

EUVD-2025-17769

Malicious code in bioql PyPI...

EUVD-2025-20571

Malicious code in bioql PyPI...

EUVD-2023-2412

Malicious code in bioql PyPI...

EUVD-2024-40308

Malicious code in bioql PyPI...

EUVD-2022-35428

Malicious code in bioql PyPI...

BIT-LIBPHP-2024-5585 Command injection via array-ish $command parameter of proc_open() (bypass CVE-2024-1874 fix)

In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, the fix for CVE-2024-1874 does not work if the command name includes trailing spaces. Original issue: when using procopen command with array syntax, due to insufficient escaping, if the arguments of the executed command ar...

BIT-LIBPHP-2024-1874 Command injection via array-ish $command parameter of proc_open()

In PHP versions 8.1. before 8.1.28, 8.2. before 8.2.18, 8.3. before 8.3.5, when using procopen command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands ...

CVE-2025-49679

Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally...

CVE-2025-49679

Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally...

CVE-2025-49679

Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally...

CVE-2025-49679

Technical details about CVE-2025-49679 (affected product/module, root cause, impact, and remediation) are not publicly provided in the supplied documents. Monitor for official updates from Microsoft (KB/SSU) and ENISA EUVD for specifics.

CVE-2025-49679 Windows Shell Elevation of Privilege Vulnerability

...

CVE-2025-49679 Windows Shell Elevation of Privilege Vulnerability

...