4290 matches found
CVE-2026-20971
CVE-2026-20971 concerns a use-after-free in the PROCA driver. The Samsung SVE-2025-2103 entry explicitly states that this vulnerability allows local attackers to potentially execute arbitrary code, due to a PROCA driver issue present prior to SMR Jan-2026 Release 1. The connected documents in...
CVE-2026-20968
CVE-2026-20968 is linked to Samsung’s SVE-2025-1183 entry describing a use-after-free in the DualDAR component present in Android devices prior to the SMR Jan-2026 Release 1. This weakness could allow a local privileged attacker to execute arbitrary code. The Samsung patch in SMR Jan-2026 Release...
PT-2026-2052
Name of the Vulnerable Software and Affected Versions: PROCA driver versions prior to SMR Jan-2026 Release 1. Description: A Use After Free condition exists in the PROCA driver. This issue could allow a local attacker to potentially execute arbitrary code. Recommendations: Update to SMR Jan-2026...
CVE-2026-0719
A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in...
Linux Distros Unpatched Vulnerability : CVE-2026-0719
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When...
CVE-2025-12793
An uncontrolled DLL loading path vulnerability exists in AsusSoftwareManagerAgent. A local attacker may influence the application to load a DLL from an attacker-controlled location, potentially resulting in arbitrary code execution. Refer to the 'Security Update for MyASUS' section on the ASUS...
CVE-2025-1701
CVE-2025-1701 is a high-severity vulnerability in the MIM Admin service. An attacker could exploit this vulnerability by sending a specially crafted request over the RMI interface to execute arbitrary code with the privileges of the MIM Admin service. The RMI interface is only accessible locally...
SUSE CVE-2025-8110
Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code...
CVE-2025-66835
TrueConf Client 8.5.2 is vulnerable to DLL hijacking via crafted wfapi.dll allowing local attackers to execute arbitrary code within the user's context...
Selea CarPlateServer Code Issue Vulnerability
Selea CarPlateServer is license plate recognition software from the Italian company Selea. A code issue vulnerability exists in Selea CarPlateServer version 4.0.1.6. It stems from unquoted service paths in the Windows service configuration, which could lead to code execution...
EUVD-2025-205841
TrueConf Client 8.5.2 is vulnerable to DLL hijacking via crafted wfapi.dll allowing local attackers to execute arbitrary code within the user's context...
PT-2025-54213
Name of the Vulnerable Software and Affected Versions: TrueConf Client version 8.5.2. Description: The software is susceptible to a DLL hijacking issue. A crafted wfapi.dll file can be used by a local attacker to execute arbitrary code with the privileges of the user. The attack involves exploiting ...
CVE-2025-66835
CVE-2025-66835 affects TrueConf Client 8.5.2. The vulnerability is a DLL hijacking issue triggered by a crafted wfapi.dll, enabling a local attacker to execute arbitrary code within the user’s context. Impact is confined to the user’s privileges/context as described; no in-wild exploitation detai...
CVE-2025-12771
IBM Concert 1.0.0 through 2.1.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system...
CVE-2025-12771
CVE-2025-12771 affects IBM Concert software versions 1.0.0 through 2.1.0. The vulnerability is a stack-based buffer overflow caused by improper bounds checking, allowing a local user to overflow a buffer and execute arbitrary code on the system. Red Hat and CIRCL entries corroborate the same description. ...
CVE-2025-12771 IBM Concert Software Improper Restriction of Operations within the Bounds of a Memory Buffer.
IBM Concert 1.0.0 through 2.1.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system...