MAL-2026-4601 Malicious code in local-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4649a6cac828460ea4a3e6d867038eaa507f109eb6a46de9eef1fc340d867608 The package executes lifecycle and import-time code that fetches executables and posts host data to off-publisher infrastructure. download.js line 92...

Secure In-Memory Execution with W^X Enforcement Using mprotect

This C program demonstrates how to dynamically control memory allocation with the W^X protection principle...

EUVD-2016-8860

Malware in sbrugna...

EUVD-2015-8456

Malware in sbrugna...

CVE-2025-38681 mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd()

In the Linux kernel, the following vulnerability has been resolved: mm/ptdump: take the memory hotplug lock inside ptdumpwalkpgd Memory hot remove unmaps and tears down various kernel page table regions as required. The ptdump code can race with concurrent modifications of the kernel page tables...

PT-2025-35954

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the mm/ptdump component where the code can race with concurrent modifications of kernel page tables. Specifically, when intermediate levels of kernel...

CVE-2021-34387

The ARM TrustZone Technology on which Trusty is based on contains a vulnerability in access permission settings where the portion of the DRAM reserved for TrustZone is identity-mapped by TLK with read, write, and execute permissions, which gives write access to kernel code and data that is...

kernel: mm: call the security_mmap_file() LSM hook in remap_file_pages()

A flaw was found in the remapfilepages function in mm/mmap.c in the Linux kernel, where it does not properly restrict execute access. This vulnerability allows local users to bypass intended SELinux W^X policy restrictions...

AZL-50713 CVE-2024-47745 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook in remapfilepages The remapfilepages syscall handler calls dommap directly, which doesn't contain the LSM security check. And if the process has called personalityREADIMPLIESEXEC before and...

UBUNTU-CVE-2024-47745

In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook in remapfilepages The remapfilepages syscall handler calls dommap directly, which doesn't contain the LSM security check. And if the process has called personalityREADIMPLIESEXEC before and...

SUSE CVE-2017-7782

An error in the "WindowsDllDetourPatcher" where a RWX "Read/Write/Execute" 4k block is allocated but never protected, violating DEP protections. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Thunderbird 52.3, Firefox...

Exploit for Stack-based Buffer Overflow in Cisco Rv340_Firmware

CVE-2022-20699 🎧 Br...

Navigate CMS 2.8.7 Directory Traversal

Exploit Title: Navigate CMS 2.8.7 - Authenticated Directory Traversal Date: 2020-06-04 Exploit Author: Gus Ralph Vendor Homepage: https://www.navigatecms.com/en/home Software Link: https://sourceforge.net/projects/navigatecms/files/releases/navigate-2.8.7r1401.zip/download Version: 2.8.7 Tested o...

CVE-2019-12777

An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044update05032019-482. They replace secure and protected directory permissions set as default by the underlying operating system with highly insecure read, write, and execute directory...

CVE-2017-7782

An error in the "WindowsDllDetourPatcher" where a RWX "Read/Write/Execute" 4k block is allocated but never protected, violating DEP protections. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Thunderbird 52.3, Firefox...

Code injection

An error in the "WindowsDllDetourPatcher" where a RWX "Read/Write/Execute" 4k block is allocated but never protected, violating DEP protections. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Thunderbird 52.3, Firefox...

Improper access control

Access control vulnerability in Intel Security Data Loss Prevention Endpoint DLPe 9.4.200 and 9.3.600 allows authenticated users with Read-Write-Execute permissions to inject hook DLLs into other processes via pages in the target process memory get...

The vulnerability of the SELinux security mechanism, which allows a perpetrator to circumvent existing access restrictions

The vulnerability of the SELinux security mechanism is related to code errors. Exploiting this vulnerability can allow an attacker, who operates locally, to gain access to memory with write and execute privileges by manipulating system calls such as iosetup, ioctxalloc, and aiosetupring...

The vulnerability of the Windows operating system allows a perpetrator to bypass the protection mechanisms of Virtual Secure Mode Hypervisor Code Integrity.

The vulnerability of the Windows operating system is related to errors in security settings. Exploiting this vulnerability allows a malicious actor to bypass the Virtual Secure Mode Hypervisor Code Integrity protection mechanism and execute RWX page marking using a specially created application...

Microsoft Windows HVCI Security Bypass Vulnerability

Microsoft Windows is a series of operating systems released by the American company Microsoft. A security bypass vulnerability exists in Microsoft Windows 10 Gold and 1511, which stems from a program failing to properly allow certain kernel-mode pages to be marked as Read, Write, and Execute RWX....