CVE-2025-1370 MicroWorld eScan Antivirus Autoscan USB epsdaemon sprintf os command injection

A vulnerability, which was classified as critical, has been found in MicroWorld eScan Antivirus 7.0.32 on Linux. Affected by this issue is the function sprintf of the file epsdaemon of the component Autoscan USB. The manipulation leads to os command injection. An attack has to be approached...

CVE-2025-1370

CVE-2025-1370 affects MicroWorld eScan Antivirus 7.0.32 on Linux, where the sprintf function in epsdaemon (Autoscan USB component) is exploitable, enabling local OS command injection. The vulnerability is described as critical with local attack vector; exploitation is possible with user interacti...

CVE-2025-1367

A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. It has been classified as critical. This affects the function sprintf of the component USB Password Handler. The manipulation leads to buffer overflow. An attack has to be approached locally. The vendor was contacted early...

CVE-2025-1367 MicroWord eScan Antivirus USB Password sprintf buffer overflow

A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. It has been classified as critical. This affects the function sprintf of the component USB Password Handler. The manipulation leads to buffer overflow. An attack has to be approached locally. The vendor was contacted early...

CVE-2025-1367 MicroWord eScan Antivirus USB Password sprintf buffer overflow

A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. It has been classified as critical. This affects the function sprintf of the component USB Password Handler. The manipulation leads to buffer overflow. An attack has to be approached locally. The vendor was contacted early...

CVE-2025-1366 MicroWord eScan Antivirus VirusPopUp strcpy stack-based overflow

A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux and classified as critical. Affected by this issue is the function strcpy of the component VirusPopUp. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been...

CVE-2025-1366

CVE-2025-1366 affects MicroWord eScan Antivirus 7.0.32 (Linux). The vulnerability is in the VirusPopUp component’s strcpy function, causing a stack-based buffer overflow . Exploitation requires local access; the exploit has been publicly disclosed and the vendor did not respond to disclosures. A ...

FFmpeg 安全漏洞

FFmpeg is a complete solution for recording, converting, and streaming audio and video from the FFmpeg team. A security vulnerability exists in FFmpeg version 7.1 and prior versions, which stems from a null pointer dereference. An attacker exploiting this vulnerability could cause a denial of...

CVE-2025-1364

CVE-2025-1364 details a stack-based buffer overflow in the USB Protection Service's passPrompt function in MicroWord eScan Antivirus 7.0.32 on Linux. The flaw allows a local attacker to trigger exploitation on the host; the exploit has been publicly disclosed and vendor response is unavailable. A...

CVE-2025-1353

A vulnerability was found in Kong Insomnia up to 10.3.0 and classified as critical. This issue affects some unknown processing in the library profapi.dll. The manipulation leads to untrusted search path. An attack has to be approached locally. The complexity of an attack is rather high. The...

CVE-2025-1353 Kong Insomnia profapi.dll untrusted search path

A vulnerability was found in Kong Insomnia up to 10.3.0 and classified as critical. This issue affects some unknown processing in the library profapi.dll. The manipulation leads to untrusted search path. An attack has to be approached locally. The complexity of an attack is rather high. The...

CVE-2025-1353 Kong Insomnia profapi.dll untrusted search path

A vulnerability was found in Kong Insomnia up to 10.3.0 and classified as critical. This issue affects some unknown processing in the library profapi.dll. The manipulation leads to untrusted search path. An attack has to be approached locally. The complexity of an attack is rather high. The...

CVE-2025-1353

CVE-2025-1353 affects Kong Insomnia up to 10.3.0, involving the library profapi.dll . The issue is an untrusted search path vulnerability that requires a local attack, with high complexity as described. The existence and reproducibility are disputed in sources. Affected component is the profapi.d...

PT-2025-6907 · Radare2 · Radare2

Name of the Vulnerable Software and Affected Versions: radare2 versions 5.9.9 through 5.9.9 33286 Description: A vulnerability was found in radare2, affecting an unknown function in the library /libr/main/rasm2.c of the component rasm2. The manipulation leads to memory corruption. An attack has t...

PT-2025-6905

Name of the Vulnerable Software and Affected Versions: GNU elfutils version 0.192 Description: A vulnerability was found in GNU elfutils, affecting the function elf strptr in the library /libelf/elf strptr.c of the component eu-strip. The manipulation leads to denial of service. It is possible to...

SUSE CVE-2025-1215

A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is abl...

CVE-2024-31757

An issue in TeraByte Unlimited Image for Windows v.3.64.0.0 and before and fixed in v.4.0.0.0 allows a local attacker to escalate privileges via the TBOFLHelper64.sys and TBOFLHelper.sys component...

CVE-2024-57725

CVE-2024-57725 affects Arcadyan Livebox Fibra PRV3399B_B_LT. The issue allows an unauthenticated attacker to modify the GPON link value via the vulnerable endpoints, notably /firstconnection.cgi (and related /cgi/cgi_authpage.js exposure), enabling a potential internet service disruption (DoS) on...

AZL-56708 CVE-2025-1215 affecting package vim for versions less than 9.1.0791-4

A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is abl...

CVE-2025-1215

A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is abl...