
8815 matches found

CVE
added 2025/08/05 8:0 p.m., 13 views

CVE-2012-10031

BlazeVideo HDTV Player Pro 6.6.0.3 is affected by a stack-based buffer overflow in .plf playlist handling. The MediaPlayerCtrl.dll uses PathFindFileNameA() to extract a filename from a URL-like string and copies it into a fixed-size stack buffer with strcpy without bounds checking, enabling poten...

8.6 CVSS, 7.8 AI score, 0.00789 EPSS
Exploits: 0, References: 6

Vulnrichment
added 2025/08/05 8:0 p.m., 2 views

CVE-2012-10031 BlazeVideo HDTV Player Pro 6.6.0.3 Filename Handling Buffer Overflow

BlazeVideo HDTV Player Pro v6.6.0.3 is vulnerable to a stack-based buffer overflow due to improper handling of user-supplied input embedded in .plf playlist files. When parsing a crafted .plf file, the MediaPlayerCtrl.dll component invokes PathFindFileNameA to extract a filename from a URL-like...

8.6 CVSS, 8.5 AI score, 0.00789 EPSS
Exploits: 0, References: 6

Cvelist
added 2025/08/05 8:0 p.m., 10 views

CVE-2012-10031 BlazeVideo HDTV Player Pro 6.6.0.3 Filename Handling Buffer Overflow

BlazeVideo HDTV Player Pro v6.6.0.3 is vulnerable to a stack-based buffer overflow due to improper handling of user-supplied input embedded in .plf playlist files. When parsing a crafted .plf file, the MediaPlayerCtrl.dll component invokes PathFindFileNameA to extract a filename from a URL-like...

8.6 CVSS, 0.00789 EPSS
Exploits: 0, References: 6

SUSE Linux
added 2025/08/04 3:4 p.m., 3 views

Security update for redis

This update for redis fixes the following issues: CVE-2025-27151: Fixed absence of filename size check may cause a stack overflow (bsc#1243804). CVE-2025-32023: Fixed out-of-bounds write when working with HyperLogLog commands can lead to remote code execution (bsc#1246059). CVE-2025-48367: Fixed...

8.8 CVSS, 10 AI score, 0.03877 EPSS
Exploits: 4, References: 12

OSV
added 2025/08/04 3:4 p.m., 1 view

SUSE-SU-2025:02681-1 Security update for redis

This update for redis fixes the following issues: - CVE-2025-27151: Fixed absence of filename size check may cause a stack overflow (bsc#1243804). - CVE-2025-32023: Fixed out-of-bounds write when working with HyperLogLog commands can lead to remote code execution (bsc#1246059). - CVE-2025-48367: Fixed...

9.8 CVSS, 6.2 AI score, 0.03877 EPSS
Exploits: 4, References: 7

Amazon
added 2025/08/04 12:0 a.m., 3 views

Medium: ImageMagick

Issue Overview: ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the InterpretImageFilename function. The issue stems from an off-by-one error that causes out-of-bounds memory acce...

9.8 CVSS, 7.4 AI score, 0.00799 EPSS
Exploits: 2

BDU FSTEC
added 2025/08/04 12:0 a.m., 4 views

The vulnerability of the GitK browser extension “gitk filename”, which allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the gitk browser extension exists because measures to neutralize special elements have not been taken. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibility of protected information...

8.6 CVSS, 7.7 AI score, 0.00314 EPSS
Exploits: 0, References: 8, Affected Software: 5

NVD
added 2025/07/31 2:15 a.m., 8 views

CVE-2025-8344

A vulnerability classified as critical has been found in openviglet shio up to 0.3.8. Affected is the function shStaticFileUpload of the file shio-app/src/main/java/com/viglet/shio/api/staticfile/ShStaticFileAPI.java. The manipulation of the argument filename leads to unrestricted upload. It is...

9.8 CVSS, 0.0032 EPSS
Exploits: 1, References: 5

OSV
added 2025/07/31 2:15 a.m., 5 views

CVE-2025-8344

A vulnerability classified as critical has been found in openviglet shio up to 0.3.8. Affected is the function shStaticFileUpload of the file shio-app/src/main/java/com/viglet/shio/api/staticfile/ShStaticFileAPI.java. The manipulation of the argument filename leads to unrestricted upload. It is...

9.8 CVSS, 7.2 AI score
Exploits: 0, References: 5

CNNVD
added 2025/07/31 12:0 a.m., 3 views

Viglet Shio CMS security vulnerability

Viglet Shio CMS is a content management system from Viglet Open Source. A security vulnerability exists in Viglet Shio CMS version 0.3.8 and earlier, which stems from a misbehavior of the parameter filename in the file shio-app/src/main/java/com/viglet/shio/api/staticfile/ShStaticFileAPI.java tha...

9.8 CVSS, 6.4 AI score, 0.0032 EPSS
Exploits: 1, References: 6

CNNVD
added 2025/07/31 12:0 a.m., 4 views

A10 Networks AX Loadbalancer security vulnerability

A10 Networks AX Loadbalancer is a load balancer appliance from A10 Networks, USA. A security vulnerability exists in A10 Networks AX Loadbalancer 2.6.1-GR1-P5 and 2.7.0 and earlier versions, which stems from an unvalidated filename parameter that could lead to path traversal and information...

8.8 CVSS, 8.7 AI score, 0.01932 EPSS
Exploits: 0, References: 3

CNNVD
added 2025/07/31 12:0 a.m., 2 views

Viglet Shio CMS security vulnerability

Viglet Shio CMS is a content management system from Viglet Open Source. A security vulnerability exists in Viglet Shio CMS version 0.3.8 and earlier, which stems from the incorrect operation of the parameter fileName in the file...

9.8 CVSS, 4.8 AI score, 0.00787 EPSS
Exploits: 1, References: 5

RedhatCVE
added 2025/07/27 4:14 p.m., 12 views

CVE-2014-125119

A filename spoofing vulnerability exists in WinRAR when opening specially crafted ZIP archives. The issue arises due to inconsistencies between the Central Directory and Local File Header entries in ZIP files. When viewed in WinRAR, the file name from the Central Directory is displayed to the use...

8.4 CVSS, 6.8 AI score, 0.01495 EPSS
Exploits: 0, References: 1

SUSE CVE
added 2025/07/25 11:23 p.m., 2 views

SUSE CVE-2025-38438

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Use devm_kstrdup to avoid memleak. sof_pdata->tplg_filename can have address allocated by kstrdup and can be overwritten. Memory leak was detected with kmemleak: unreferenced object 0xffff88812391ff60 size 16:...

5.5 CVSS, 6.5 AI score, 0.00154 EPSS
Exploits: 0, References: 11

OSV
added 2025/07/25 4:15 p.m., 1 view

DEBIAN-CVE-2025-38438

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Use devm_kstrdup to avoid memleak. sof_pdata->tplg_filename can have address allocated by kstrdup and can be overwritten. Memory leak was detected with kmemleak: unreferenced object 0xffff88812391ff60 size 16:...

5.5 CVSS, 5.4 AI score, 0.00154 EPSS
Exploits: 0, References: 1

NVD
added 2025/07/25 4:15 p.m., 6 views

CVE-2014-125119

A filename spoofing vulnerability exists in WinRAR when opening specially crafted ZIP archives. The issue arises due to inconsistencies between the Central Directory and Local File Header entries in ZIP files. When viewed in WinRAR, the file name from the Central Directory is displayed to the use...

8.4 CVSS, 0.01495 EPSS
Exploits: 0, References: 6

Cvelist
added 2025/07/25 3:59 p.m., 12 views

CVE-2014-125119 WinRAR < 5.00 Filename Spoofing RCE

A filename spoofing vulnerability exists in WinRAR when opening specially crafted ZIP archives. The issue arises due to inconsistencies between the Central Directory and Local File Header entries in ZIP files. When viewed in WinRAR, the file name from the Central Directory is displayed to the use...

8.4 CVSS, 0.01495 EPSS
Exploits: 0, References: 6

CVE
added 2025/07/25 3:59 p.m., 30 views

CVE-2014-125119

CVE-2014-125119 describes a filename spoofing vulnerability in WinRAR when opening specially crafted ZIP archives. The root cause is an inconsistency between the Central Directory and Local File Header entries, which causes WinRAR to display the Central Directory filename while extracting and exe...

8.4 CVSS, 6.9 AI score, 0.01495 EPSS
In wild, Exploits: 0, References: 6

Vulnrichment
added 2025/07/25 3:59 p.m., 3 views

CVE-2014-125119 WinRAR < 5.00 Filename Spoofing RCE

A filename spoofing vulnerability exists in WinRAR when opening specially crafted ZIP archives. The issue arises due to inconsistencies between the Central Directory and Local File Header entries in ZIP files. When viewed in WinRAR, the file name from the Central Directory is displayed to the use...

8.4 CVSS, 7.7 AI score, 0.01495 EPSS
Exploits: 0, References: 6

OSV
added 2025/07/25 1:17 p.m., 2 views

OESA-2025-1909 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats (over 200), including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

9.8 CVSS, 6.8 AI score, 0.00799 EPSS
Exploits: 3, References: 5