4242 matches found
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
The “Use After Free” vulnerability in the Linux kernel allows for the execution of code in a local environment on Linux, x86, and ARM bluetooth modules. This vulnerability is associated with the program file https://gitee.com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This...
Astra Linux - уязвимость в ffmpeg, ffmpeg5
The Ffmpeg v.N113007-g8d24a28d06 contains a buffer overflow vulnerability that allows a local attacker to execute arbitrary code through a floating-point exception error at libavfilter/vfminterpolate.c:1078:60 in interpolate...
Astra Linux - уязвимость в ofono
oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...
Astra Linux - уязвимость в ffmpeg5
FFmpeg v.n6.1-3-g466799d4f5 allows for memory consumption when using the colorcorrect filter, specifically in the avmalloc function located at line 105:9 of the libavutil/mem.c file...
Astra Linux - уязвимость в ofono
oFono SMS Decoder Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...
SUSE CVE-2025-5264
Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability was fixed in Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11,...
GHSA-3QCW-2RHX-2726 Turbo: Unexpected local code execution during Yarn Berry detection
Impact Turborepo can be vulnerable to arbitrary code execution when run in untrusted repositories that contain malicious Yarn configuration. In affected versions, package manager detection executed yarn --version from the project directory, which could cause Yarn to load and execute a...
NPM: Turbo: Unexpected local code execution during Yarn Berry detection
NPM: Turbo: Unexpected local code execution during Yarn Berry detection vulnerability discovered by ? in WordPress Npm turbo versions = 1.1.0, 2.9.14...
CVE-2026-28733
The CVE-2026-28733 entry concerns a use-after-free vulnerability in the OpenHarmony filemanagement_storage_service affecting OpenHarmony v6.0 and earlier. The weakness enables a local attacker to achieve arbitrary code execution, as described in the CVE entry. The provided metrics indicate a medi...
CVE-2026-28733 filemanagement_storage_service has an use after free vulnerability
in OpenHarmony v6.0 and prior versions allow a local attacker arbitrary code execution...
CVE-2026-28733 filemanagement_storage_service has an use after free vulnerability
in OpenHarmony v6.0 and prior versions allow a local attacker arbitrary code execution...
MLflow 安全漏洞
MLflow is an open-source platform that simplifies machine learning development. It includes features like tracking experiments, packaging code for reproducible runs, and sharing and deploying models. Versions of mlflow prior to 3.11.0 contained a security vulnerability. This vulnerability stemmed...
CVE-2018-25322
Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers can craft a payload with 780 bytes of junk data followed by structured shellcode and place it in the...
CVE-2018-25323
Allok AVI DivX MPEG to DVD Converter 2.6.1217 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a text file with a specially crafted buffer containing shellcode and SEH...
EUVD-2018-21846
Allok AVI DivX MPEG to DVD Converter 2.6.1217 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a text file with a specially crafted buffer containing shellcode and SEH...
CVE-2018-25323 Allok AVI DivX MPEG to DVD Converter 2.6.1217 Buffer Overflow SEH
Allok AVI DivX MPEG to DVD Converter 2.6.1217 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a text file with a specially crafted buffer containing shellcode and SEH...
CVE-2018-25322 Allok Fast AVI MPEG Splitter 1.2 Stack Based Buffer Overflow
Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers can craft a payload with 780 bytes of junk data followed by structured shellcode and place it in the...
CVE-2018-25322
Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers can craft a payload with 780 bytes of junk data followed by structured shellcode and place it in the...
CVE-2018-25322 Allok Fast AVI MPEG Splitter 1.2 Stack Based Buffer Overflow
Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers can craft a payload with 780 bytes of junk data followed by structured shellcode and place it in the...
CVE-2018-25322
Allok Fast AVI MPEG Splitter 1.2 is affected by a stack-based buffer overflow in the License Name field. An attacker with local access can craft a payload (about 780 bytes of junk data followed by structured shellcode) to overflow the stack and execute code with the application's privileges. The ...