CVE-2025-8351 Avira antivirus engine heap buffer OOB read when scanning a malformed file
Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avira Antivirus engine when scanning a malformed file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before...
CVE-2025-8351
CVE-2025-8351 describes a heap-based buffer overflow and out-of-bounds read in antivirus engines (Avira/Avast family) when scanning malformed files. Affected versions are engine builds before 8.3.70.98 and the impact can be local code execution or denial-of-service of the antivirus engine process...
CVE-2025-10101 Avast antivirus heap buffer OOB read when scanning a malformed Mach-O file
Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Mach-O file may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on...
CVE-2025-10101
CVE-2025-10101 describes a heap-based buffer overflow and out-of-bounds write in Avast Antivirus for macOS triggered by a crafted Mach-O file, potentially enabling local code execution or denial of service. Affected versions are Avast Antivirus 15.7 up to 3.9.2025. Root cause: memory management f...
Avast Antivirus Security Vulnerability
Avast Antivirus is a suite of antivirus software from the Czech company Avast. A security vulnerability exists in Avast Antivirus version 15.7 up to and including version 3.9.2025, which originates from a heap buffer overflow and out-of-bounds writes, and may result in local code execution or...
Shirt Pocket SuperDuper! Security Vulnerability
Shirt Pocket SuperDuper! is a data backup, disk cloning and recovery tool for macOS from Shirt Pocket. A security vulnerability exists in Shirt Pocket SuperDuper! V.3.10 and earlier versions that originates from a local attacker who can execute arbitrary code via the software update mechanism...
PT-2025-48473
Name of the Vulnerable Software and Affected Versions: Avast Antivirus versions 15.7 through 3.9.2025. Description: A flaw exists in Avast Antivirus on macOS that involves a heap-based buffer overflow and out-of-bounds write condition. Processing a specially crafted Mach-O file could lead to local...
PT-2025-48493
Name of the Vulnerable Software and Affected Versions: Avast Antivirus versions 8.3.70.94 through 8.3.70.97. Description: A heap-based buffer overflow and out-of-bounds read issue exists in Avast Antivirus on macOS when scanning a malformed file. This can lead to local execution of code or a...
CVE-2025-61228
An issue in Shirt Pocket SuperDuper! V.3.10 and before allows a local attacker to execute arbitrary code via the software update mechanism...
CVE-2025-59890
Improper input sanitization in the file archives upload functionality of Eaton Galileo software allows path traversal, which could allow an attacker with local access to execute unauthorized code or commands. This security issue has been fixed in the latest version of Galileo which is...
Security update for helm
This update for helm fixes the following issues: Update to version 3.19.1 CVE-2025-53547: Fixed local code execution in Helm Chart. bsc1246152 CVE-2025-58190: Fixed excessive memory consumption by html.ParseFragment when processing specially crafted input. bsc1251649 CVE-2025-47911: Fixed various...
EulerOS 2.0 SP13 : icu (EulerOS-SA-2025-2435)
According to the versions of the icu package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A stack buffer overflow was found in International Components for Unicode (ICU). While running the genrb binary, the 'subtag' struct overflowed at the...
Security Bulletin: Astronomer with IBM is vulnerable to local code execution due to the Helm package manager (CVE-2025-53547)
Summary: Helm is used by Astronomer with IBM as part of service installation and management. Vulnerability Details: CVEID: CVE-2025-53547. DESCRIPTION: Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock fi...
TencentOS Server 4: firefox (TSSA-2025:0417)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0417 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 4: needrestart (TSSA-2024:1043)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:1043 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 4: mozjs (TSSA-2025:0474)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0474 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
RaidenFTPD Server <= 2.4.4005 Buffer Overflow Vulnerability
RaidenFTPD v.2.4 build 4005 allows a local attacker to execute arbitrary code via the Server name field of the step by step setup wizard. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
CVE-2025-10089
Uncontrolled Search Path Element Vulnerability in Setting and Operation Application for Lighting Control System MILCO.S Setting Application all versions, MILCO.S Setting Application IR all versions, MILCO.S Easy Setting Application IR all versions, and MILCO.S Easy Switch Application IR all...
CVE-2025-47761
An Exposed IOCTL with Insufficient Access Control vulnerability (CWE-782) in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.9 may allow an authenticated local user to execute unauthorized code via fortips driver. Success of the attack would requi...