CVE-2020-36997

BacklinkSpeed 2.4 contains a buffer overflow vulnerability that allows attackers to corrupt the Structured Exception Handler SEH chain through malicious file import. Attackers can craft a specially designed payload file to overwrite SEH addresses, potentially executing arbitrary code and gaining...

EUVD-2020-30909

BacklinkSpeed 2.4 contains a buffer overflow vulnerability that allows attackers to corrupt the Structured Exception Handler SEH chain through malicious file import. Attackers can craft a specially designed payload file to overwrite SEH addresses, potentially executing arbitrary code and gaining...

gimp: GIMP: Remote Code Execution via PNM file parsing integer overflow

A flaw was found in GIMP. A remote attacker could exploit an integer overflow vulnerability during the parsing of a malicious PNM Portable Anymap image file. This issue stems from insufficient validation of user-supplied data, which can lead to an integer overflow before memory allocation...

USN-7984-1: Pagure vulnerabilities

Thomas Chauchefoin discovered that Pagure incorrectly handled symbolic links in Git repositories. A remote attacker could possibly use this issue to cause Pagure to expose files outside the intended repository boundaries. CVE-2024-4981 Thomas Chauchefoin discovered that Pagure did not properly...

CVE-2025-69749

Cross Site Scripting vulnerability in tale v.2.0.5 allows an attacker to execute arbitrary code...

ROS-20260129-73-0010

A vulnerability in the Despeckle Plugin component of the GIMP graphics editor is related to memory buffer overruns. Exploitation of the vulnerability could allow an attacker to cause a denial of service or execute arbitrary code...

ROS-20260129-73-0006

Vulnerability in gdb related to writing outside buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to execute arbitrary code...

ROS-20260129-73-0007

Vulnerability in gdb related to writing outside buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to execute arbitrary code...

ROS-20260129-73-0044

Vulnerability in python-django related to failure to protect sql query structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

Dummy BacklinkSpeed security vulnerability

Dummy BacklinkSpeed is an SEO automation tool developed by theDummy company. Version 2.4 of Dummy BacklinkSpeed contains a security vulnerability. This vulnerability arises from the possibility of buffer overflows caused by the import of malicious files, which can disrupt the structured exception...

CVE-2025-69749

Cross Site Scripting vulnerability in tale v.2.0.5 allows an attacker to execute arbitrary code...

BearShare Lite security vulnerability

BearShare Lite is a peer-to-peer file sharing software developed by the BearShare company. Version 5.2.5 of BearShare Lite contains a security vulnerability, which stems from a buffer overflow in the advanced search keyword input field, potentially allowing for the execution of arbitrary code...

PT-2026-5285

BearShare Lite 5.2.5 contains a buffer overflow vulnerability in the Advanced Search keywords input that allows attackers to execute arbitrary code. Attackers can craft a specially designed payload to overwrite the EIP register and execute shellcode by pasting malicious content into the search...

CVE-2025-69749

CVE-2025-69749 describes a Cross Site Scripting vulnerability in tale v2.0.5 . The public descriptions state an attacker can execute arbitrary code, but the connected documents do not provide concrete technical details (e.g., vulnerable component, root cause, affected files, or patch/version with...

CVE-2025-69749

Cross Site Scripting vulnerability in tale v.2.0.5 allows an attacker to execute arbitrary code...

TongSoft Audio Playback Recorder has a security vulnerability

TongSoft Audio Playback Recorder is an audio recording tool developed by TongSoft Corporation. Version 3.2.2 of TongSoft Audio Playback Recorder contains a security vulnerability. This vulnerability stems from local buffer overflows in pop-up windows and registration parameters, which may allow f...

CVE-2026-24856

CVE-2026-24856 affects iccDEV up to version 2.3.1.2. The issue is an undefined behavior when converting floating-point NaN values to unsigned short integers during ICC profile XML parsing, which can corrupt memory structures and enable arbitrary code execution. The fix is in version 2.3.1.2. IBM/...

CVE-2026-24856

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Versions prior to 2.3.1.2 have an undefined behavior issue when floating-point NaN values are converted to unsigned short integer types during ICC profile X...

CVE-2025-61731

Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The "cgo pkg-config:" directive in a Go source file provides command-line arguments to provide to the Go pkg-config command. An attacker can provide a...

CVE-2025-61731

Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The "cgo pkg-config:" directive in a Go source file provides command-line arguments to provide to the Go pkg-config command. An attacker can provide a...