2463 matches found
Editor Software StyleWriter 安全漏洞
Editor Software StyleWriter is a text editing tool developed by Editor Software Company, designed to improve the clarity and quality of English writing. Version 1.0 of Editor Software StyleWriter contains a security vulnerability. This vulnerability stems from a buffer overflow issue when...
HD Tune Pro 安全漏洞
HD Tune Pro is a disk analysis tool developed by HD Tune Inc., used to test hard drive performance, health status, and detect errors. Version 5.70 of HD Tune Pro contains a security vulnerability. This vulnerability stems from a buffer overflow issue when submitting excessively long strings throu...
PT-2026-35256
Easy PhotoResQ 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Folder/filename field. Attackers can input a 6000-byte payload through the File Options dialog to trigger a denial of service condition...
PT-2026-35251
iCash 7.6.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload through the Connect to Server dialog. Attackers can paste a 7000-byte string into the Host field and click Connect to trigger an application crash...
Prime95 安全漏洞
Prime95 is a device stress testing software developed by Prime95 Corporation. Version 29.4b7 of Prime95 contains a security vulnerability. This vulnerability stems from a buffer overflow in the PrimeNet connection dialog box, which could allow local attackers to cause the application to crash by...
GHSA-Q5HJ-MXQH-VV77 Claude Code: Trust Dialog Bypass via Git Worktree Spoofing Allows Arbitrary Code Execution
Claude Code used the git worktree commondir file when determining folder trust but did not validate its contents. By crafting a repository with a commondir file pointing to a path the victim had previously trusted, an attacker could bypass the trust dialog and immediately execute malicious hooks...
Claude Code: Trust Dialog Bypass via Git Worktree Spoofing Allows Arbitrary Code Execution
Claude Code used the git worktree commondir file when determining folder trust but did not validate its contents. By crafting a repository with a commondir file pointing to a path the victim had previously trusted, an attacker could bypass the trust dialog and immediately execute malicious hooks...
EUVD-2018-21782
Angry IP Scanner 3.5.3 contains a buffer overflow vulnerability in the preferences dialog that allows local attackers to crash the application by supplying an excessively large string. Attackers can generate a file containing a massive buffer of repeated characters and paste it into the unavailab...
EUVD-2018-21783
UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304 bytes of data followed by SEH record overwrite...
CVE-2018-25266
Angry IP Scanner 3.5.3 contains a buffer overflow vulnerability in the preferences dialog that allows local attackers to crash the application by supplying an excessively large string. Attackers can generate a file containing a massive buffer of repeated characters and paste it into the unavailab...
CVE-2018-25267 UltraISO 9.7.1.3519 Buffer Overflow via Output FileName
UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304 bytes of data followed by SEH record overwrite...
CVE-2018-25266 Angry IP Scanner 3.5.3 Denial of Service via Preferences Buffer Overflow
Angry IP Scanner 3.5.3 contains a buffer overflow vulnerability in the preferences dialog that allows local attackers to crash the application by supplying an excessively large string. Attackers can generate a file containing a massive buffer of repeated characters and paste it into the unavailab...
CVE-2018-25266
Angry IP Scanner 3.5.3 contains a buffer overflow vulnerability in the preferences dialog that allows local attackers to crash the application by supplying an excessively large string. Attackers can generate a file containing a massive buffer of repeated characters and paste it into the unavailab...
MAL-2026-2985 Malicious code in @bmg-web/bmg-dialog (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d560386e011639d154483a6156d3ffca4b0f0c58b20063d6e8ea51d5a295d2a The package @bmg-web/bmg-dialog was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @bmg-web/bmg-dialog (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d560386e011639d154483a6156d3ffca4b0f0c58b20063d6e8ea51d5a295d2a The package @bmg-web/bmg-dialog was found to contain malicious code. Source: ossf-package-analysis...
Angry IP Scanner 缓冲区错误漏洞
Angry IP Scanner is an open-source network tool developed by Angry IP Scanner that allows for quick scanning of IP addresses and port information. Version 3.5.3 of Angry IP Scanner contains a buffer error vulnerability. This vulnerability stems from a buffer overflow in the preferences dialog box...
PT-2026-34462
Angry IP Scanner 3.5.3 contains a buffer overflow vulnerability in the preferences dialog that allows local attackers to crash the application by supplying an excessively large string. Attackers can generate a file containing a massive buffer of repeated characters and paste it into the unavailab...
PT-2026-34463
UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304 bytes of data followed by SEH record overwrite...
📄 Remote Sunrise Helper for Windows 2026.14 UAC Bypass
Remote Sunrise Helper for Windows version 2026.14 suffers from a local UAC bypass vulnerability via the Icon Import dialog. Exploit Title: Remote Sunrise Helper for Windows 2026.14 - UAC Bypass via Icon Import Dialog Date: 2026-04-20 Exploit Author: Chokri Hammedi Software:...
📄 dcontrol 1.0.9 Keyboard Injection Remote Code Execution
dcontrol version 1.0.9 is vulnerable to an unauthenticated remote code execution via keyboard input injection. The /control-api/monitor/sendkey and /control-api/monitor/sendtext endpoints allow an unauthenticated attacker to simulate keyboard input on the target system. By chaining these endpoint...