Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the SQObjectPtr::operator function. An attacker can cause a crash by providing crafted input during local code execution. Remediation There is no fixed version for squirrel. References - GitHub Issue...

GnuPG: GnuPG: Stack-based buffer overflow in tpm2daemon allows arbitrary code execution

A flaw was found in GnuPG. This vulnerability, a stack-based buffer overflow, occurs in the tpm2daemon component when processing PKDECRYPT commands for cryptographic keys secured by a Trusted Platform Module TPM. A local attacker could exploit this to execute unauthorized code, potentially gainin...

CVE-2025-22453

Improper input validation for some Server Firmware Update UtilitySysFwUpdt before version 16.0.12 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. This...

CVE-2025-63421

An issue in filosoft Comerc.32 Commercial Invoicing v.16.0.0.3 allows a local attacker to execute arbitrary code via the comeinst.exe file...

MAL-2026-868 Malicious code in pydantics (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 dda36b358c57e79abf804d53d4750cf2836f930b07aa524c0b5c4d231d92143f Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...

Realtek IIS Codec Service 代码问题漏洞

The Realtek IIS Codec Service is a backend service for audio decoders provided by Realtek Semiconductor in China. Version 6.4.10041.133 of the Realtek IIS Codec Service contains a code vulnerability. This vulnerability stems from the lack of quotation marks around the service path, which may allo...

Filosoft Comerc32 安全漏洞

Filosoft Comerc32 is a commercial invoicing and management software developed by the Portuguese company Filosoft. Version Filosoft Comerc32 Commercial Invoicing 16.0.0.3 contains a security vulnerability. This vulnerability stems from a flaw in the comeinst.exe file, which may allow local attacke...

CVE-2026-21244

Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally...

CVE-2026-21248

Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally...

CVE-2026-21247

Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally...

CVE-2019-25310

ActiveFax Server 6.92 Build 0316 contains an unquoted service path vulnerability in the ActiveFaxServiceNT service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with elevated...

CVE-2019-25309 Zilab Remote Console Server 3.2.9 - 'Zilab Remote Console Server' Unquoted Service Path

Zilab Remote Console Server 3.2.9 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that wil...

CVE-2019-25309 Zilab Remote Console Server 3.2.9 - 'Zilab Remote Console Server' Unquoted Service Path

Zilab Remote Console Server 3.2.9 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that wil...

CVE-2019-25306 BlackMoon FTP Server 3.1.2.1731 - 'BMFTP-RELEASE' Unquoted Serive Path

BlackMoon FTP Server 3.1.2.1731 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to insert malicious code that would execute with...

ActFax ActiveFax Server 代码问题漏洞

ActFax ActiveFax Server is a fax server software developed by the Austrian company ActFax. Version 6.92 Build 0316 of ActFax ActiveFax Server has a code vulnerability. This vulnerability stems from an unquoted service path within the ActiveFaxServiceNT service, which may allow local attackers to...

Rockwell Automation Studio 5000 Logix Designer Code Issue Vulnerability

Rockwell Automation Studio 5000 Logix Designer is a Windows-based application from Rockwell Automation, Inc. It is used to build programs for PLCs. A code issue vulnerability exists in Rockwell Automation Studio 5000 Logix Designer, which stems from an unquoted service path in FactoryTalk...

Softalk WorkgroupMail 代码问题漏洞

Softalk WorkgroupMail is a mail server software developed by Softalk Corporation. Version 7.5.1 of Softalk WorkgroupMail contains a code vulnerability. This vulnerability stems from an incorrect service path in the Windows service configuration, which may allow local attackers to execute arbitrar...

PT-2026-7604

Zilab Remote Console Server 3.2.9 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that wil...

CVE-2026-21248

Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally...

CVE-2026-21247

Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally...