9 matches found
CVE-2026-28211
The NVDA Dev & Test Toolbox is an NVDA add-on for gathering tools to help NVDA development and testing. A vulnerability exists in versions 2.0 through 8.0 in the Log Reader feature of this add-on. A maliciously crafted log file can lead to arbitrary code execution when a user reads it with log...
CVE-2026-28211
The NVDA Dev & Test Toolbox is an NVDA add-on for gathering tools to help NVDA development and testing. A vulnerability exists in versions 2.0 through 8.0 in the Log Reader feature of this add-on. A maliciously crafted log file can lead to arbitrary code execution when a user reads it with log...
CVE-2026-28211
The CVE affects the NVDA Dev & Test Toolbox add-on (Log Reader feature) with versions 2.0–8.0. Reading a crafted log file via log reading commands triggers unsafe evaluation of Python expressions embedded in log entries, allowing attacker-controlled code to execute with the current user’s privile...
PT-2026-22208
Name of the Vulnerable Software and Affected Versions NVDA Dev & Test Toolbox versions 2.0 through 8.0 Description A security issue exists in the Log Reader feature of the NVDA Dev & Test Toolbox add-on. Maliciously crafted log files can lead to arbitrary code execution when a user reads them usi...
Buffer Overflow
libzephyr.so is vulnerable to Buffer Overflows. The vulnerability is caused by the CLFS driver. An attacker is able to exploit this vulnerability by sending a specially crafted log file to a vulnerable system. If the log file is processed by the CLFS driver, the buffer overflow can be triggered,...
SUSE CVE-2008-7249
Buffer overflow in Squid Analysis Report Generator Sarg 2.2.3.1, and probably later, allows user-assisted remote attackers to execute arbitrary code via a long HTTP request method in a crafted access.log file, a different vulnerability than CVE-2008-1167...
CVE-2020-5626
Logstorage version 8.0.0 and earlier, and ELC Analytics version 3.0.0 and earlier allow remote attackers to execute arbitrary OS commands via a specially crafted log file...
The vulnerability of the Windows operating system allows a malicious intruder to compromise the confidentiality, integrity, and accessibility of protected information.
A vulnerability that allows for remote execution of code exists in the Windows event log system and is related to the processing of specially crafted files. Exploiting this vulnerability enables remote execution of code provided that the user opens a specially crafted event log file. If the user...
CVE-2011-1018
logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server...