14 matches found
CVE-2026-48770
Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, a local process in the same interactive Windows session can send a malformed WMCOPYDATA message to Notepad++ using the COPYDATAFULLCMDLINE path. The handler appears to process COPYDATASTRUCT.lpData as an unbounded...
CVE-2026-48770
Notepad++ prior to version 8.9.6.1 is affected by multiple issues arising from insecure handling of inter-process communication data. Specifically, a local attacker can trigger a denial of service (CVE-2026-48770) by sending a malformed WM_COPYDATA message where COPYDATA_FULL_CMDLINE is processed...
CVE-2026-48770
Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, a local process in the same interactive Windows session can send a malformed WMCOPYDATA message to Notepad++ using the COPYDATAFULLCMDLINE path. The handler appears to process COPYDATASTRUCT.lpData as an unbounded...
EUVD-2018-6319
Malware in sbrugna...
EUVD-2025-29630
Malicious code in bioql PyPI...
CVE-2025-59050
Greenshot is an open source Windows screenshot utility. Greenshot 1.3.300 and earlier deserializes attacker-controlled data received in a WMCOPYDATA message using BinaryFormatter.Deserialize without prior validation or authentication, allowing a local process at the same integrity level to trigge...
CVE-2025-59050 Greenshot — Insecure .NET deserialization via WM_COPYDATA enables local code execution
Greenshot is an open source Windows screenshot utility. Greenshot 1.3.300 and earlier deserializes attacker-controlled data received in a WMCOPYDATA message using BinaryFormatter.Deserialize without prior validation or authentication, allowing a local process at the same integrity level to trigge...
CVE-2025-59050
CVE-2025-59050 — Greenshot : Greenshot
PT-2025-38057
Name of the Vulnerable Software and Affected Versions: Greenshot versions 1.3.300 and earlier Description: Greenshot is a Windows screenshot utility. The software deserializes attacker-controlled data received in a WM COPYDATA message using BinaryFormatter.Deserialize without prior validation or...
ROS-2-2238
2.2238 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...
ROS-2-2213
2.2213 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...
UBUNTU-CVE-2021-29964
A locally-installed hostile program could send WMCOPYDATA messages that Firefox would process incorrectly, leading to an out-of-bounds read. This bug only affects Firefox on Windows. Other operating systems are unaffected.. This vulnerability affects Thunderbird 78.11, Firefox 89, and Firefox ESR...
CVE-2018-14401
CopyData in AxmlParser.c in AXML Parser through 2018-01-04 has an out-of-bounds read...
CVE-2018-14401
CopyData in AxmlParser.c in AXML Parser through 2018-01-04 has an out-of-bounds read...