
4292 matches found

OSV
added 2025/03/04 4:15 a.m., 5 views

CVE-2025-20081

in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios...

5.3 CVSS, 6.2 AI score, 0.00144 EPSS
Exploits 0, References 1
OSV
added 2025/03/04 4:15 a.m., 2 views

CVE-2025-20626

in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios...

7.8 CVSS, 6.2 AI score, 0.0016 EPSS
Exploits 0, References 1
CNNVD
added 2025/03/04 12:0 a.m., 2 views

OpenHarmony Buffer Error Vulnerability

OpenHarmony is an open source project for a kind of Hongmeng operating system from the China OpenAtom Foundation. A buffer error vulnerability exists in OpenHarmony v5.0.2 and earlier versions that originates from an out-of-bounds write and allows a local attacker to execute arbitrary co...

7.8 CVSS, 7.4 AI score, 0.0016 EPSS
Exploits 0, References 3
CNNVD
added 2025/03/04 12:0 a.m., 2 views

OpenHarmony Input Validation Error Vulnerability

OpenHarmony is an open source project for a kind of Hongmeng operating system from the China OpenAtom Foundation. An input validation error vulnerability exists in OpenHarmony 5.0.2 and earlier versions, which stems from an integer overflow and could lead to local arbitrary code execution...

7.8 CVSS, 7.4 AI score, 0.00172 EPSS
Exploits 0, References 3
Tenable Nessus
added 2025/03/04 12:0 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2015-5154

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest user...

7.2 CVSS, 8.2 AI score, 0.0063 EPSS
Exploits 0, References 1
Tenable Nessus
added 2025/03/03 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2009-0314

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Untrusted search path vulnerability in the Python module in gedit allows local users to execute arbitrary code via a Trojan horse Python file in the current...

6.9 CVSS, 6.1 AI score, 0.00624 EPSS
Exploits 3, References 2
CNNVD
added 2025/03/01 12:0 a.m., 2 views

Blizzard Battle.Net Code Issue Vulnerability

Blizzard Battle.Net is a multiplayer online gaming service provided by Blizzard Entertainment, Inc. for its games. A code issue vulnerability exists in Blizzard Battle.Net 2.39.0.15212 and prior versions, which stems from the presence of an uncontrolled search path that could lead to local code...

7.3 CVSS, 7 AI score, 0.00167 EPSS
Exploits 0, References 5
CNNVD
added 2025/02/20 12:0 a.m., 2 views

IBM Security Verify Access Code Injection Vulnerability

IBM Security Verify Access (ISAM) is a service from International Business Machines (IBM) that improves user access security. A code injection vulnerability exists in IBM Security Verify Access versions 10.0.0.0 through 10.0.0.9 and 11.0.0.0, which stems from improper restrictions on code generation...

7.8 CVSS, 7.5 AI score, 0.00224 EPSS
Exploits 0, References 2
OSV
added 2025/02/19 11:15 p.m., 7 views

CVE-2025-25944

Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the Ap4RtpAtom.cpp, specifically in AP4RtpAtom::AP4RtpAtom, during the execution of mp4fragment with a crafted MP4 input file...

7.3 CVSS, 7.5 AI score
Exploits 0, References 1
CNNVD
added 2025/02/19 12:0 a.m., 2 views

Bento4 Security Vulnerability

Bento4 is an open source C++ library for reading and writing MP4 files from Axiomatic Systems. A security vulnerability exists in Bento4 version v1.6.0-641, which stems from a buffer overflow in Ap4Stz2Atom.cpp that allows local execution of arbitrary code...

7.8 CVSS, 7.2 AI score, 0.00219 EPSS
Exploits 1, References 2
CNNVD
added 2025/02/19 12:0 a.m., 3 views

Bento4 Security Vulnerability

Bento4 is an open source C++ library for reading and writing MP4 files from Axiomatic Systems. A security vulnerability exists in Bento4 version v1.6.0-641, which stems from a buffer overflow in Ap4RtpAtom.cpp that allows local execution of arbitrary code...

7.3 CVSS, 7.2 AI score, 0.00226 EPSS
Exploits 1, References 2
Positive Technologies
added 2025/02/19 12:0 a.m., 3 views

PT-2025-7584 · Bento4 · Bento4

Name of the Vulnerable Software and Affected Versions: Bento4 version 1.6.0-641. Description: A buffer overflow issue allows a local attacker to execute arbitrary code via the Ap4RtpAtom.cpp, specifically in AP4_RtpAtom::AP4_RtpAtom, during the execution of mp4fragment with a crafted MP4 input fil...

7.3 CVSS, 8.2 AI score, 0.00226 EPSS
Exploits 1, References 8
CVE
added 2025/02/19 12:0 a.m., 64 views

CVE-2025-25943

CVE-2025-25943 concerns Bento4 v1.6.0-641, where a buffer overflow in the AP4_Stz2Atom::AP4_Stz2Atom component (Ap4Stz2Atom.cpp) allows a local attacker to execute arbitrary code. Public documents confirm the affected software and the vulnerable function/file, and describe the impact as local arb...

7.8 CVSS, 7.3 AI score, 0.00219 EPSS
Exploits 1, References 1, Affected Software 1
Positive Technologies
added 2025/02/19 12:0 a.m., 1 views

PT-2025-7583 · Bento4 · Bento4

Name of the Vulnerable Software and Affected Versions: Bento4 version 1.6.0-641. Description: A buffer overflow issue in Bento4 allows a local attacker to execute arbitrary code via the AP4_Stz2Atom::AP4_Stz2Atom component located in Ap4Stz2Atom.cpp. This enables local arbitrary code execution...

7.8 CVSS, 8.2 AI score, 0.00219 EPSS
Exploits 1, References 7
CNNVD
added 2025/02/18 12:0 a.m., 2 views

Hitachi HVAC Energy Saving Program Security Vulnerability

Hitachi HVAC Energy Saving Program is an energy saving program project of Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi HVAC Energy Saving Program that originates from an unsafe loading of a dynamic link library, which could lead to local code execution or information...

7.3 CVSS, 6.8 AI score, 0.00162 EPSS
Exploits 0, References 2
Tenable Nessus
added 2025/02/10 12:0 a.m., 13 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-21803)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-21803 advisory. - Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM bluetooth modules allows Local...

7.8 CVSS, 7 AI score, 0.00495 EPSS
Exploits 0, References 2
RedhatCVE
added 2025/02/05 11:8 p.m., 6 views

CVE-2022-49038

Inclusion of functionality from untrusted control sphere vulnerability in OpenSSL DLL component in Synology Drive Client before 3.3.0-15082 allows local users to execute arbitrary code via unspecified vectors...

7.8 CVSS, 7.5 AI score, 0.00203 EPSS
Exploits 0
RedhatCVE
added 2025/02/05 6:41 a.m., 6 views

CVE-2024-50322

Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local unauthenticated attacker to achieve code execution. User interaction is required...

7.8 CVSS, 7.1 AI score, 0.06027 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/02/05 2:55 a.m., 7 views

CVE-2024-6563

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. This vulnerability is associated with program files...

7.5 CVSS, 7.8 AI score, 0.00211 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/02/05 2:45 a.m., 4 views

CVE-2024-33582

A DLL hijack vulnerability was reported in Lenovo Service Framework that could allow a local attacker to execute code with elevated privileges...

7.8 CVSS, 7.1 AI score, 0.00183 EPSS
Exploits 0, References 1