1351 matches found
FlexHEX 代码问题漏洞
FlexHEX is an open-source hexadecimal data editor developed by FlexHEX. Version 2.71 of FlexHEX contains a code vulnerability caused by a local buffer overflow in the Stream Name field. This vulnerability could allow local attackers to execute arbitrary code by triggering the structured exception...
Fresh X-NetStat Pro 缓冲区错误漏洞
Fresh X-NetStat Pro is a network connection status monitoring tool developed by Fresh Corporation. Version X-NetStat Pro 5.63 contains a buffer error vulnerability, which stems from a local buffer overflow. This vulnerability could allow local attackers to exploit the overflow in the 264-byte...
CVE-2026-4538
A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to deserialization. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The projec...
EUVD-2019-19839
Terminal Services Manager 3.2.1 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying an excessively long string in the computer name field. Attackers can input a 5000-byte buffer of data into the 'Computer name or IP address' field during...
CVE-2019-25554
Tomabo MP4 Converter 3.25.22 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can trigger a buffer overflow by pasting a large payload into the Name parameter when adding a preset i...
CVE-2019-25545
Terminal Services Manager 3.2.1 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying an excessively long string in the computer name field. Attackers can input a 5000-byte buffer of data into the 'Computer name or IP address' field during...
CVE-2019-25545
Terminal Services Manager 3.2.1 contains a local buffer overflow in the computer name field (during computer addition). A 5000‑byte input in the 'Computer name or IP address' field can crash the server entry, causing a denial of service when the server entry is accessed. The impact is a LOCAL, HI...
Magic Iso Maker 缓冲区错误漏洞
Magic Iso Maker is a disc imaging tool developed by Magic Iso Corporation. Version 5.5 build 281 of Magic Iso Maker has a buffer error vulnerability. This vulnerability stems from a buffer overflow in the Serial Code registration field, which could allow local attackers to cause the application t...
PT-2026-26910
Magic Iso Maker 5.5 build 281 contains a buffer overflow vulnerability in the Serial Code registration field that allows local attackers to crash the application by submitting an oversized input. Attackers can generate a file containing 5000 bytes of data, paste it into the Serial Code field duri...
USN-8096-2 linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...
CVE-2026-4243
A weakness has been identified in La Nacion App 10.2.25 on Android. This impacts an unknown function of the file source/app/lanacion/clublanacion/BuildConfig.java of the component app.lanacion.activity. Executing a manipulation of the argument APIKEYWEBSOCKETCV can lead to unprotected storage of...
CVE-2026-4198 hypermodel-labs mcp-server-auto-commit index.ts getGitChanges command injection
A vulnerability was determined in hypermodel-labs mcp-server-auto-commit 1.0.0. Affected by this vulnerability is the function getGitChanges of the file index.ts. This manipulation causes command injection. The attack can only be executed locally. The exploit has been publicly disclosed and may b...
CVE-2026-4174
Radare2 had a low-severity local DoS-like issue in the Mach-O File Parser: the function walk_exports_trie in libr/bin/format/mach0/mach0.c can cause resource consumption. Affected version: 5.9.9; fix is to upgrade to 6.1.2 (patch identified as 4371ae84c99c46b48cb21badbbef06b30757aba0). A PoC exis...
EUVD-2026-11542
A vulnerability has been found in jarikomppa soloud up to 20200207. Impacted is the function drwavreadpcmframess16msadpcm in the library src/audiosource/wav/drwav.h of the component WAV File Parser. The manipulation leads to out-of-bounds read. The attack needs to be performed locally. The exploi...
CVE-2026-4009
CVE-2026-4009 affects jarikomppa soloud, specifically the WAV File Parser component. The vulnerability is in the function drwav_read_pcm_frames_s16__msadpcm within src/audiosource/wav/dr_wav.h, causing an out-of-bounds read. The issue can be exploited locally, and the exploit has been disclosed p...
PT-2026-24945
A vulnerability was identified in OpenClaw up to 2026.2.17. This issue affects the function tools.exec.safeBins of the component File Existence Handler. The manipulation leads to information exposure through discrepancy. The attack needs to be performed locally. Upgrading to version...
PT-2026-24932
A vulnerability has been found in jarikomppa soloud up to 20200207. Impacted is the function drwav read pcm frames s16 msadpcm in the library src/audiosource/wav/dr wav.h of the component WAV File Parser. The manipulation leads to out-of-bounds read. The attack needs to be performed locally. The...
CVE-2026-3959
A vulnerability was found in 0xKoda WireMCP up to 7f45f8b2b4adeb76be8c6227eefb38533fdd6b1e. Impacted is the function server.tool of the file index.js of the component Tshark CLI Command Handler. The manipulation results in os command injection. The attack needs to be approached locally. The explo...
EUVD-2019-19737
Easy File Sharing Web Server 7.2 contains a local structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by creating a malicious username. Attackers can craft a username with a payload containing 4059 bytes of padding followed by a nseh...
CVE-2026-0520
A potential vulnerability was reported in the Lenovo FileZ Android application that, under certain conditions, could allow a local authenticated user to retrieve some sensitive data stored in a log file...