Off-by-one Error

Overview Affected versions of this package are vulnerable to Off-by-one Error in the ConsumeUnit16Array and ConsumeUnit64Array functions. An attacker can cause a process crash by supplying a specially crafted .evtx file to the parseevtx VQL plugin on Windows and Linux systems. Remediation A fix w...

CVE-2026-7572

Velociraptor (Velocidex Velociraptor) before version 0.76.5 on Windows and Linux contains an off-by-one error (CWE-193) in the EVTX parser, specifically in ConsumeUnit16Array and ConsumeUnit64Array, that allows a local attacker to cause a Denial of Service via a crafted .evtx file sent to the par...

The vulnerability of the Windows operating system allows a hacker to execute arbitrary code in the context of the current user.

The vulnerability of the Windows operating system exists due to incorrect handling of the event log file. The vulnerability can be exploited by opening the event log file created by the attacker. As a result of exploiting this vulnerability, an attacker who operates remotely can execute arbitrary...

The vulnerability of the Windows operating system allows a hacker to execute arbitrary code in the context of the current user.

The vulnerability of the Windows operating system exists due to incorrect handling of the event log file. The vulnerability can be exploited by opening the event log file created by the attacker. As a result of exploiting this vulnerability, an attacker who operates remotely can execute arbitrary...

The vulnerability of the Windows operating system allows a hacker to execute arbitrary code in the context of the current user.

The vulnerability of the Windows operating system exists due to incorrect handling of the event log file. The vulnerability can be exploited by opening the event log file created by the attacker. As a result of exploiting this vulnerability, an attacker who operates remotely can execute arbitrary...