CVE-2018-25328

VX Search 10.6.18 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying an oversized string in the directory field. Attackers can craft a malicious input file containing 271 bytes of junk data followed by a return address to execute...

CVE-2018-25328

creationtimestamp| type| source ---|---|--- 2026-05-17 14:56:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mm2mmwodr52k...

CVE-2019-25328

XnConvert 1.82 contains a denial of service vulnerability in its registration code input field that allows attackers to crash the application. Attackers can generate a 9000-byte buffer of repeated characters and paste it into the registration code field to trigger an application crash...

CVE-2021-25328

Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. An authenticated attacker can send a specially crafted request to endpoint which can lead to a denial of service DoS or possible code execution on the device...

GHSA-W4F8-FXQ2-J35V Possible privilege escalation via bash completion script

The bash completion script for fscrypt through v0.3.2 allows injection of commands via crafted mountpoint paths, allowing privilege escalation under a specific set of circumstances. A local user who has control over mountpoint paths could potentially escalate their privileges if they create a...

Possible privilege escalation via bash completion script

The bash completion script for fscrypt through v0.3.2 allows injection of commands via crafted mountpoint paths, allowing privilege escalation under a specific set of circumstances. A local user who has control over mountpoint paths could potentially escalate their privileges if they create a...

CVE-2022-25328

creationtimestamp| type| source ---|---|--- 2022-02-25 14:20:31+00:00| seen| https://t.me/cibsecurity/38079 2025-04-21 14:02:09+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12652...

CVE-2022-25328

The CVE-2022-25328 issue concerns the bash_completion script in Google fscrypt. The vulnerability arises from the bash_completion mechanism: a local attacker who can influence mountpoint paths can inject commands through crafted mountpoint names when the script performs completion. This could lea...

CVE-2022-25328 Privilege escalation through command injection in fscrypt

The bashcompletion script for fscrypt allows injection of commands via crafted mountpoint paths, allowing privilege escalation under a specific set of circumstances. A local user who has control over mountpoint paths could potentially escalate their privileges if they create a malicious mountpoin...

CVE-2021-25328

creationtimestamp| type| source ---|---|--- 2021-05-05 06:43:42+00:00| published-proof-of-concept| https://t.me/pwnwikizhchannel/332 2021-05-05 12:19:48+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/3294...

EFS Easy Chat Server Authentication Request Handling Buffer Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'EFS Easy Cha...