CVE-2018-25284

HD Tune Pro 5.70 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the folder/file name field. Attackers can trigger a denial of service by entering a 6000-byte payload through the File Options Save dialog's...

jetAudio 缓冲区错误漏洞

JetAudio is a multimedia player software developed by the JetAudio company. Version 8.1.7 of JetAudio contains a buffer overflow vulnerability. This vulnerability stems from a buffer overflow in the file name field of the video conversion component. It could allow local attackers to trigger the...

Code::Blocks security vulnerabilities

Code::Blocks is an open-source, cross-platform integrated development environment for C++ development. Version 17.12 of Code::Blocks contains a security vulnerability, which stems from a local buffer overflow in the file name field, potentially allowing arbitrary code to be executed...

Cross site scripting

Biscom Secure File Transfer is vulnerable to cross-site scripting in the File Name field. An authenticated user with permissions to upload or send files can populate this field with a filename that contains standard HTML scripting tags. The resulting script will evaluated by any other authenticat...

CVE-2017-5247

Biscom Secure File Transfer is vulnerable to cross-site scripting in the File Name field. An authenticated user with permissions to upload or send files can populate this field with a filename that contains standard HTML scripting tags. The resulting script will evaluated by any other authenticat...

CVE-2017-5247

Biscom Secure File Transfer (SFT) is affected by a cross-site scripting (XSS) vulnerability in the File Name field. An authenticated user with permissions to upload or send files can supply a filename containing HTML/script tags, which can be executed by other authenticated users viewing the file...

Ipswitch WhatsUp Gold Directory Traversal Vulnerability

Ipswitch WhatsUp Gold is a Windows-based network monitoring application. Ipswitch WhatsUp Gold suffers from a directory traversal vulnerability that could allow a remote attacker to read arbitrary files via an RRQ operation in the file name field...

Microsoft Visual C++ (.RC)资源文件远程栈溢出漏洞

Microsoft Visual C++是基于Windows平台的C++编译器。 Microsoft Visual C++资源编译器RCDLL.DLL模块的MSDEV.EXE进程在处理.rc资源文件时存在栈溢出漏洞，远程攻击者可能利用此漏洞通过诱骗用户打开恶意资源文件来控制用户机器。 在处理类似于以下的文件名字段时： 1 TYPELIB MOVEABLE PURE "FilePath01"...