CVE-2025-5030 Ackites KillWxapkg wxapkg File Parser unpack.go processFile os command injection

A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been declared as critical. This vulnerability affects the function processFile of the file internal/unpack/unpack.go of the component wxapkg File Parser. The manipulation leads to os command injection. The attack can be initiated...

CVE-2025-5030

CVE-2025-5030 affects Ackites KillWxapkg up to 2.4.1. The vulnerability resides in the function processFile of the file internal/unpack/unpack.go in the wxapkg file parser, enabling OS command injection . Multiple connected sources corroborate remote exploitation with high attack complexity and d...

Ackites KillWxapkg vulnerable to OS Command Injection

A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been declared as critical. This vulnerability affects the function processFile of the file internal/unpack/unpack.go of the component wxapkg File Parser. The manipulation leads to os command injection. The attack can be initiated...

CVE-2025-4539

A vulnerability was found in Hainan ToDesk 4.7.6.3. It has been declared as critical. This vulnerability affects unknown code in the library profapi.dll of the component DLL File Parser. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The...

CVE-2025-4539

A vulnerability was found in Hainan ToDesk 4.7.6.3. It has been declared as critical. This vulnerability affects unknown code in the library profapi.dll of the component DLL File Parser. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The...

CVE-2025-4539

CVE-2025-4539 affects Hainan ToDesk 4.7.6.3, due to an uncontrolled search path in the profapi.dll located in the DLL File Parser component. This enables a local-host attack; exploitation is described as high-complexity with public disclosure. No patch/version fix is provided in the sources; a te...

ToDesk 代码问题漏洞

ToDesk is a professional remote desktop software from ToDesk China. A code issue vulnerability exists in ToDesk version 4.7.6.3, which stems from an uncontrolled search path for the library profapi.dll in the component DLL File Parser...

Linux Distros Unpatched Vulnerability : CVE-2022-39837

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Connected Vehicle Systems Alliance COVESA dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes...

Linux Distros Unpatched Vulnerability : CVE-2015-8726

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding...

Linux Distros Unpatched Vulnerability : CVE-2017-7700

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was...

Linux Distros Unpatched Vulnerability : CVE-2016-5355

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wiretap/toshiba.c in the Toshiba file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows...

Tracker Software PDF-XChange Editor 缓冲区错误漏洞

Tracker Software PDF-XChange Editor is a suite of software for viewing and editing PDF format files from Tracker Software, a Canadian company. Tracker Software PDF-XChange Editor suffers from a buffer error vulnerability that stems from the XPS file parsing module containing an out-of-bounds read...

PT-2025-28679 · Irfanview · Irfanview +1

Name of the Vulnerable Software and Affected Versions: IrfanView CADImage Plugin affected versions not specified Description: The IrfanView CADImage Plugin contains a memory buffer overflow issue within the DWG File Parser component. Successful exploitation of this issue could allow an attacker t...

SUSE-SU-2025:0328-1 Security update for clamav

This update for clamav fixes the following issues: New version 1.4.2: CVE-2025-20128, bsc1236307: Fixed a possible buffer overflow read bug in the OLE2 file parser that could cause a denial-of-service DoS condition. - Start clamonacc with --fdpass to avoid errors due to clamd not being able to...

SUSE-SU-2025:0327-1 Security update for clamav

This update for clamav fixes the following issues: New version 1.4.2: CVE-2025-20128, bsc1236307: Fixed a possible buffer overflow read bug in the OLE2 file parser that could cause a denial-of-service DoS condition. - Start clamonacc with --fdpass to avoid errors due to clamd not being able to...

Security update for clamav

This update for clamav fixes the following issues: New version 1.4.2: CVE-2025-20128, bsc1236307: Fixed a possible buffer overflow read bug in the OLE2 file parser that could cause a denial-of-service DoS condition. Start clamonacc with --fdpass to avoid errors due to clamd not being able to acce...

FreeBSD : clamav -- Possbile denial-of-service vulnerability (1e109b60-d92e-11ef-a661-08002784c58d)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 1e109b60-d92e-11ef-a661-08002784c58d advisory. The ClamAV project reports: A possible buffer overflow read bug is found in the OLE2 file parser that...

DEBIAN-CVE-2024-47775

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parseds64 function within gstwavparse.c. The parseds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multipl...

SUSE CVE-2024-42415

An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1.14.52 of the GNOME Project G Structured File Library libgsf. A specially crafted file can result in an integer overflow that allows for a heap-based buffer overflow when processing the sector...

CVE-2024-36474

An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library libgsf version v1.14.52. A specially crafted file can result in an integer overflow when processing the directory from the file that allows for an out-of-boun...