8761 matches found
CVE-2018-25286
Easy PhotoResQ 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Folder/filename field. Attackers can input a 6000-byte payload through the File Options dialog to trigger a denial of service condition...
CVE-2018-25286
The CVE-2018-25286 entry affects Easy PhotoResQ 1.0 and describes a buffer overflow in the Folder/filename field. According to the connected documentation, an attacker can supply a 6000-byte payload via the File Options dialog to cause a denial-of-service crash locally. The impact is a crash/DoS ...
CVE-2026-7024
A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServlet.java of the component deleteFileServlet Endpoint. Executing a manipulation of the argument...
CVE-2026-7024 rawchen sims deleteFileServlet Endpoint DeleteFileServlet.java path traversal
A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServlet.java of the component deleteFileServlet Endpoint. Executing a manipulation of the argument...
EUVD-2026-25699
A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServlet.java of the component deleteFileServlet Endpoint. Executing a manipulation of the argument...
CVE-2026-7024
A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServlet.java of the component deleteFileServlet Endpoint. Executing a manipulation of the argument...
CVE-2026-7024 rawchen sims deleteFileServlet Endpoint DeleteFileServlet.java path traversal
A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServlet.java of the component deleteFileServlet Endpoint. Executing a manipulation of the argument...
CVE-2026-7024
CVE-2026-7024 affects rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de, specifically the file DeleteFileServlet.java in the deleteFileServlet endpoint. A manipulation of the filename argument enables path traversal, and the issue can be exploited remotely. The exploit has been publishe...
SIMS 路径遍历漏洞
SIMS is a student and teacher information management tool developed by RawChen. Versions of SIMS 004f783b1db5ecdfad81c8fdc3b34171211112de and earlier have a path traversal vulnerability. This vulnerability stems from the handling of the filename parameter in the DeleteFileServlet endpoint...
HD Tune Easy PhotoResQ 安全漏洞
HD Tune Easy PhotoResQ is a image recovery tool developed by HD Tune Corporation, designed for restoring photos that have been accidentally deleted or damaged. Version 1.0 of HD Tune Easy PhotoResQ contains a security vulnerability. This vulnerability stems from the use of an excessively long...
PT-2026-35205
A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServlet.java of the component deleteFileServlet Endpoint. Executing a manipulation of the argument...
PT-2026-35256
Easy PhotoResQ 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Folder/filename field. Attackers can input a 6000-byte payload through the File Options dialog to trigger a denial of service condition...
CVE-2026-42171
NSIS 3.06.1 before 3.12 is affected: it may use the Low IL temp directory when running as SYSTEM, enabling local privilege escalation if my_GetTempFileName returns 0. Root cause is in the temp file handling, with a potential path-based abuse. Impact is local elevation of privileges with HIGH conf...
CVE-2026-35375
A logic error in the split utility of uutils coreutils causes the corruption of output filenames when provided with non-UTF-8 prefix or suffix inputs. The implementation utilizes tostringlossy when constructing chunk filenames, which automatically rewrites invalid byte sequences into the UTF-8...
CVE-2026-41411
Vim is an open source, command line text editor. Prior to 9.2.0357, A command injection vulnerability exists in Vim's tag file processing. When resolving a tag, the filename field from the tags file is passed through wildcard expansion to resolve environment variables and wildcards. If the filena...
CVE-2026-1950
Delta Electronics AS320T has No checking of the length of the buffer with the file name vulnerability...
CVE-2026-1950
Delta Electronics AS320T has No checking of the length of the buffer with the file name vulnerability...
SUSE CVE-2026-31433
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial OOB in getfileallinfo for compound requests When a compound request consists of QUERYDIRECTORY + QUERYINFO FILEALLINFORMATION and the first command consumes nearly the entire maxtranssize, getfileallinfo woul...
GHSA-VX9M-XJWF-8CQM uutils coreutils has an Improper Handling of Unicode Encoding Issue
A logic error in the split utility of uutils coreutils causes the corruption of output filenames when provided with non-UTF-8 prefix or suffix inputs. The implementation utilizes tostringlossy when constructing chunk filenames, which automatically rewrites invalid byte sequences into the UTF-8...
uutils coreutils has an Improper Handling of Unicode Encoding Issue
A logic error in the split utility of uutils coreutils causes the corruption of output filenames when provided with non-UTF-8 prefix or suffix inputs. The implementation utilizes tostringlossy when constructing chunk filenames, which automatically rewrites invalid byte sequences into the UTF-8...