2463 matches found
EUVD-2019-19890
MediaMonkey 4.1.23 contains a denial of service vulnerability that allows local attackers to crash the application by opening a specially crafted MP3 file containing an excessively long URL string. Attackers can create a malicious MP3 file with a buffer containing 4000 bytes of data appended to a...
EUVD-2019-19848
Encrypt PDF 2.3 contains a buffer overflow vulnerability that allows local attackers to crash the application by inputting excessively long strings into password fields. Attackers can paste a 1000-byte buffer into the User Password or Master Password field in the Settings dialog to trigger an...
CVE-2019-25571
CVE-2019-25571 affects MediaMonkey 4.1.23. A DoS exists where opening a specially crafted MP3 containing an excessively long URL string can crash the application. The exploit involves a buffer of about 4000 bytes appended to a URL, triggering a crash when the file is opened via the File > Open...
CVE-2019-25571 MediaMonkey 4.1.23 Denial of Service via Malformed URL
MediaMonkey 4.1.23 contains a denial of service vulnerability that allows local attackers to crash the application by opening a specially crafted MP3 file containing an excessively long URL string. Attackers can create a malicious MP3 file with a buffer containing 4000 bytes of data appended to a...
CVE-2019-25571
MediaMonkey 4.1.23 contains a denial of service vulnerability that allows local attackers to crash the application by opening a specially crafted MP3 file containing an excessively long URL string. Attackers can create a malicious MP3 file with a buffer containing 4000 bytes of data appended to a...
CVE-2019-25571 MediaMonkey 4.1.23 Denial of Service via Malformed URL
MediaMonkey 4.1.23 contains a denial of service vulnerability that allows local attackers to crash the application by opening a specially crafted MP3 file containing an excessively long URL string. Attackers can create a malicious MP3 file with a buffer containing 4000 bytes of data appended to a...
CVE-2019-25550 Encrypt PDF 2.3 Denial of Service via Buffer Overflow
Encrypt PDF 2.3 contains a buffer overflow vulnerability that allows local attackers to crash the application by inputting excessively long strings into password fields. Attackers can paste a 1000-byte buffer into the User Password or Master Password field in the Settings dialog to trigger an...
CVE-2019-25550
Encrypt PDF 2.3 contains a buffer overflow vulnerability that allows local attackers to crash the application by inputting excessively long strings into password fields. Attackers can paste a 1000-byte buffer into the User Password or Master Password field in the Settings dialog to trigger an...
CVE-2019-25550
Encrypt PDF 2.3 has a local-denial-of-service vulnerability caused by a buffer overflow in password fields. An attacker can crash the application by pasting a ~1000-byte buffer into either the User Password or Master Password field in the Settings dialog during PDF import. The CVSS metrics indica...
Paradigma Valentina Studio 缓冲区错误漏洞
Paradigma Valentina Studio is a powerful general-purpose database management and data modeling tool developed by Paradigma Corporation. The Paradigma Valentina Studio 9.0.5 Linux version contains a buffer error vulnerability. This vulnerability stems from a buffer overflow in the Host field of th...
PT-2026-26895
Encrypt PDF 2.3 contains a buffer overflow vulnerability that allows local attackers to crash the application by inputting excessively long strings into password fields. Attackers can paste a 1000-byte buffer into the User Password or Master Password field in the Settings dialog to trigger an...
CVE-2026-33068
Claude Code is an agentic coding tool. Versions prior to 2.1.53 resolved the permission mode from settings files, including the repo-controlled .claude/settings.json, before determining whether to display the workspace trust confirmation dialog. A malicious repository could set...
Claude Code has a Workspace Trust Dialog Bypass via Repo-Controlled Settings File
Claude Code resolved the permission mode from settings files, including the repo-controlled .claude/settings.json, before determining whether to display the workspace trust confirmation dialog. A malicious repository could set permissions.defaultMode to bypassPermissions in its committed...
GHSA-MMGP-WC2J-QCV7 Claude Code has a Workspace Trust Dialog Bypass via Repo-Controlled Settings File
Claude Code resolved the permission mode from settings files, including the repo-controlled .claude/settings.json, before determining whether to display the workspace trust confirmation dialog. A malicious repository could set permissions.defaultMode to bypassPermissions in its committed...
EUVD-2026-11862
Improper Control of Generation of Code 'Code Injection' vulnerability in Yannick Lefebvre Modal Dialog modal-dialog allows Remote Code Inclusion.This issue affects Modal Dialog: from n/a through = 3.5.16...
CVE-2026-32367
Improper Control of Generation of Code 'Code Injection' vulnerability in Yannick Lefebvre Modal Dialog modal-dialog allows Remote Code Inclusion.This issue affects Modal Dialog: from n/a through = 3.5.16...
CVE-2026-32367
Improper Control of Generation of Code 'Code Injection' vulnerability in Yannick Lefebvre Modal Dialog modal-dialog allows Remote Code Inclusion.This issue affects Modal Dialog: from n/a through = 3.5.16...
CVE-2026-32367
CVE-2026-32367 concerns the WordPress WordPress Modal Dialog plugin, vulnerable through the component “modal-dialog” up to version 3.5.16. The issue is described as an improper control of code generation, i.e., a Remote Code Inclusion/Execution vulnerability. Public records in the connected sourc...
CVE-2026-32367 WordPress Modal Dialog plugin <= 3.5.16 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Yannick Lefebvre Modal Dialog modal-dialog allows Remote Code Inclusion.This issue affects Modal Dialog: from n/a through = 3.5.16...
CVE-2026-32367 WordPress Modal Dialog plugin <= 3.5.16 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Yannick Lefebvre Modal Dialog modal-dialog allows Remote Code Inclusion.This issue affects Modal Dialog: from n/a through = 3.5.16...