UBUNTU-CVE-2026-41256

jq is a command-line JSON processor. In 1.8.1 and earlier, Top-level jq programs loaded from a file with -f are truncated at the first embedded NUL byte on current upstream HEAD. A crafted filter file such as . followed by \x00 and arbitrary suffix compiles and executes as only the prefix before...

CVE-2026-41256

The CVE affects jq up to version 1.8.1. Top-level jq programs loaded from a file with -f are truncated at the first embedded NUL byte on current upstream HEAD. A crafted filter file such as . followed by � and arbitrary suffix compiles and executes as only the prefix before the NUL, leading to a ...

JLSEC-2026-490

Little CMS aka Little Color Management System 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile...

CVE-2019-25633

AIDA64 Extreme 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input through the email preferences and report wizard interfaces. Attackers can inject crafted payloads into the Display nam...

CVE-2019-25633 AIDA64 Extreme 5.99.4900 SEH Buffer Overflow via EggHunter

AIDA64 Extreme 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input through the email preferences and report wizard interfaces. Attackers can inject crafted payloads into the Display nam...

CVE-2019-25633

CVE-2019-25633 affects AIDA64 Extreme 5.99.4900. A structured exception handling buffer overflow via the email preferences and report wizard interfaces allows a local attacker to execute arbitrary code by supplying crafted input. Specifically, payloads injected into the Display name field and via...

CVE-2024-0937

A vulnerability, which was classified as critical, has been found in vanderSchaar LAB synthcity 0.2.9. Affected by this issue is the function loadfromfile of the component PKL File Handler. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been...

PYSEC-2024-21

A vulnerability classified as critical was found in vanderSchaar LAB TemporAI 0.0.3. Affected by this vulnerability is the function loadfromfile of the component PKL File Handler. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the...

PT-2024-15921 · Unknown · Van Der Schaar Lab Temporai

Name of the Vulnerable Software and Affected Versions: van der Schaar LAB TemporAI version 0.0.3 Description: A critical vulnerability was found in the function load from file of the component PKL File Handler, leading to deserialization. The attack can be launched remotely. The vendor was...

PT-2023-27176 · 1Panel · 1Panel

Name of the Vulnerable Software and Affected Versions: 1Panel version 1.4.3 Description: 1Panel is an open source Linux server operation and maintenance management panel. In the api/v1/file.go file, there is a function called LoadFromFile, which directly reads the file by obtaining the requested...

AIDA64 Engineer 5.99.4900 Buffer Overflow

!/usr/bin/python Exploit Title: AIDA64 Engineer 5.99.4900 - 'Load from file' Field Buffer Overflow SEH Date: 04-04-2019 Exploit Author: Anurag Srivastava and Vardan Bansal Website: www.theanuragsrivastava.in Vulnerable Software: AIDA64 Engineer Vendor Homepage: http://download.aida64.com/ Version...

AIDA64 Engineer 5.99.4900 - Load from file Field Buffer Overflow (SEH) Exploit

Exploit for windows platform in category local exploits !/usr/bin/python Exploit Title: AIDA64 Engineer 5.99.4900 - 'Load from file' Field Buffer Overflow SEH Exploit Author: Anurag Srivastava and Vardan Bansal Website: www.theanuragsrivastava.in Vulnerable Software: AIDA64 Engineer Vendor...

CVE-2018-20247

In Foxit Quick PDF Library all versions prior to 16.12, issue where loading a malformed or malicious PDF containing a recursive page tree structure using the LoadFromFile, LoadFromString or LoadFromStream functions results in a stack overflow...