CVE-2026-8035

Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service by triggering a crash due to a NULL pointer dereference. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

A NULL pointer dereference flaw was discovered in dbFree in the fs/jfs/jfsdmap.c file of the Journaling File System JFS within the Linux kernel. This issue may allow a local attacker to cause the system to crash due to a missing sanity check...

Astra Linux - уязвимость в linux-5.15

A buffer overflow vulnerability was discovered in the Linux kernel’s Intel iSMT SMBus host controller driver, particularly in its handling of the I2CSMBUSBLOCKPROCCALL case using the ioctl I2CSMBUS function. This flaw could allow a local user to cause the system to crash...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

A double-free memory flaw was discovered in the Linux kernel. The Intel GVT-g graphics driver triggers a system resource overload for the VGA card, resulting in a failure in the intelgvtdmamapguestpage function. This issue could allow a local user to crash the system...

CVE-2018-25281

iCash 7.6.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload through the Connect to Server dialog. Attackers can paste a 7000-byte string into the Host field and click Connect to trigger an application crash...

EUVD-2018-21811

Project64 2.3.2 contains a buffer overflow vulnerability in the Plugin Directory settings field that allows local attackers to crash the application by supplying an excessively long string. Attackers can input a 6000-byte payload into the Plugin Directory field through the Options Settings...

CVE-2018-25264

TransMac 12.2 is affected by a buffer overflow in the License Key input field. An attacker can craft a payload file containing ~4000 bytes, paste it into the License Key field, and trigger a local denial-of-service condition. The issue is documented with CVSS vectors indicating Local access, Low ...

PT-2026-35263

Prime95 29.4b7 contains a buffer overflow vulnerability in the PrimeNet connection dialog that allows local attackers to crash the application by supplying an excessively long string in the optional proxy password field. Attackers can trigger a denial of service by entering a 6000-byte payload in...

CVE-2026-35348 uutils coreutils sort Local Denial of Service via Forced UTF-8 Parsing

The sort utility in uutils coreutils is vulnerable to a process panic when using the --files0-from option with inputs containing non-UTF-8 filenames. The implementation enforces UTF-8 encoding and utilizes expect, causing an immediate crash when encountering valid but non-UTF-8 paths. This diverg...

CVE-2026-6245 Sssd: out-of-bounds read in the sssd

A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...

CVE-2018-25244

Eco Search 1.0.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 950 or more characters into the search bar and trigger a crash by initiating a...

CVE-2019-25655

Device Monitoring Studio 8.10.00.8925 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string to the server connection dialog. Attackers can trigger the crash by entering a malformed server name or address containing...

CVE-2018-25226

FTPShell Server 6.83 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the account name field. Attackers can trigger a denial of service by pasting a 417-byte payload into the 'Account name to ban' parameter...

WinAVI iPod/3GP/MP4/PSP Converter 安全漏洞

WinAVI iPod/3GP/MP4/PSP Converter is an open-source video file format conversion tool developed by WinAVI. Version 4.4.2 of WinAVI iPod/3GP/MP4/PSP Converter contains a security vulnerability. This vulnerability causes a denial-of-service attack, potentially allowing local attackers to cause the...

Pixarra Blob Studio 安全漏洞

Pixarra Blob Studio is a digital painting software developed by the American company Pixarra. It focuses on creating works in the “organic block-style” technique, suitable for concept art, illustrations, textures, backgrounds, and the rendering of natural forms. Version 2.17 of Pixarra Blob Studi...

CVE-2019-25601

UltraVNC Launcher 1.2.2.4 contains a buffer overflow vulnerability in the Path vncviewer.exe property field that allows local attackers to crash the application by supplying an excessively long string. Attackers can input a 300-byte payload of repeated characters through the Properties dialog to...

CVE-2019-25601

The CVE-2019-25601 entry concerns UltraVNC Launcher 1.2.2.4. The vulnerability is a buffer overflow in the Path vncviewer.exe property field that allows a local attacker to crash the application by supplying an excessively long string. Exploitation example: a 300-byte payload of repeated characte...

EUVD-2019-19880

TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can create a malicious file with 1000 repeated characters, paste the content into the volume name field during di...

CVE-2019-25569 RealTerm Serial Terminal 2.0.0.70 SEH Overflow Crash

RealTerm Serial Terminal 2.0.0.70 contains a stack-based buffer overflow vulnerability in the Echo Port field that allows local attackers to crash the application by triggering a structured exception handler SEH chain corruption. Attackers can craft a malicious input string with 268 bytes of...

PT-2026-26908

PCHelpWareV2 1.0.0.5 contains a denial of service vulnerability that allows local attackers to crash the application by supplying a malformed image file. Attackers can trigger the vulnerability through the Create SC feature by selecting a crafted BMP file with an oversized buffer, causing the...