120934 matches found
USN-8004-1: FreeRDP vulnerabilities
Kim Dong Han discovered that FreeRDP did not correctly validate the size of certain variables, which could cause a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...
USN-8004-1 freerdp2 vulnerabilities
Kim Dong Han discovered that FreeRDP did not correctly validate the size of certain variables, which could cause a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...
CVE-2025-15556
Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an update integrity verification vulnerability where downloaded update metadata and installers are not cryptographically verified. An attacker able to intercept or redirect update traffic can cause the updater to download a...
CVE-2025-15556 Notepad++ < 8.8.9 WinGUp Updater Lacks Update Integrity Verification
Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an update integrity verification vulnerability where downloaded update metadata and installers are not cryptographically verified. An attacker able to intercept or redirect update traffic can cause the updater to download a...
EUVD-2025-206661
Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an update integrity verification vulnerability where downloaded update metadata and installers are not cryptographically verified. An attacker able to intercept or redirect update traffic can cause the updater to download a...
CVE-2025-15556
Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an update integrity verification vulnerability where downloaded update metadata and installers are not cryptographically verified. An attacker able to intercept or redirect update traffic can cause the updater to download a...
CVE-2025-15556
Notepad++ versions prior to 8.8.9 using the WinGUp updater are affected by an update integrity verification vulnerability: downloaded update metadata and installers are not cryptographically verified. An attacker who can intercept or redirect update traffic can cause the updater to download and e...
PT-2026-5816
StreamRipper32 version 2.6 contains a buffer overflow vulnerability in the Station/Song Section that allows attackers to overwrite memory by manipulating the SongPattern input. Attackers can craft a malicious payload exceeding 256 bytes to potentially execute arbitrary code and compromise the...
Lexmark多款产品 安全漏洞
The Lexmark CX410 is a product of the American company Lexmark. The Lexmark CX410 is a printer. The Lexmark CX510 is a multifunctional printer. The Lexmark CX82x is a multifunctional printer. Several products from Lexmark have security vulnerabilities; these vulnerabilities stem from the Postscri...
PT-2026-5945
Name of the Vulnerable Software and Affected Versions Lexmark Embedded Solutions Framework affected versions not specified Description A relative path traversal issue exists in the Embedded Solutions Framework used in Lexmark devices. An attacker could potentially use this to execute arbitrary co...
PT-2026-6195
Name of the Vulnerable Software and Affected Versions ELECOM wireless LAN access point devices affected versions not specified Description A stack-based buffer overflow exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution. Recommendations At th...
CVE-2025-70559
pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation. An attacker with the ability to place a malicious pickle file in a location accessible to the applicati...
CVE-2025-70560
Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserialize molecule data files without validation. An attacker with the ability to place a malicious pickle file in a directory processed by boltz can achie...
Victor CMS 跨站脚本漏洞
Victor CMS is an open-source content management system developed by Victor Alagwu in Nigeria. Version 1.0 of Victor CMS had a cross-site scripting vulnerability. This vulnerability stemmed from a storage-based cross-site scripting vulnerability in the commentauthor POST parameter, which could all...
CVE-2025-67189
CVE-2025-67189 affects TOTOLINK A950RG, specifically the setParentalRules interface where the urlKeyword parameter is not properly validated. The vulnerability arises from concatenating multiple user-supplied fields into a fixed-size stack buffer without boundary checks, enabling a remote attacke...
Linux Distros Unpatched Vulnerability : CVE-2025-69209
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attack...
PT-2026-5948
Name of the Vulnerable Software and Affected Versions Lexmark CX532adwe affected versions not specified Description A type confusion exists within the Postscript interpreter in Lexmark devices. This issue allows an attacker to execute arbitrary code as an unprivileged user. The vulnerability was...
PT-2026-5949
Name of the Vulnerable Software and Affected Versions Lexmark devices affected versions not specified Description An out-of-bounds read issue exists in the Postscript interpreter used in Lexmark devices. An attacker can potentially use this to execute arbitrary code with unprivileged user...
StreamRipper32 安全漏洞
StreamRipper32 is an open-source tool developed by StreamRipper for capturing and saving MP3 files from online radio stations. Version 2.6 of StreamRipper32 contains a security vulnerability, which stems from a buffer overflow in the Station/Song Section component, potentially allowing arbitrary...
LizardSystems LanSend 安全漏洞
LizardSystems LanSend is a local area network message sending tool developed by LizardSystems Corporation. Version 3.2 of LizardSystems LanSend contains a security vulnerability. This vulnerability stems from the addition of a computer wizard file import function that has a buffer overflow issue,...