CVE-2020-37065 StreamRipper32 2.6 - Buffer Overflow

StreamRipper32 version 2.6 contains a buffer overflow vulnerability in the Station/Song Section that allows attackers to overwrite memory by manipulating the SongPattern input. Attackers can craft a malicious payload exceeding 256 bytes to potentially execute arbitrary code and compromise the...

EUVD-2020-31000

StreamRipper32 version 2.6 contains a buffer overflow vulnerability in the Station/Song Section that allows attackers to overwrite memory by manipulating the SongPattern input. Attackers can craft a malicious payload exceeding 256 bytes to potentially execute arbitrary code and compromise the...

EUVD-2020-30946

Simple Startup Manager 1.17 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting memory through the 'File' input parameter. Attackers can craft a malicious payload with 268 bytes to trigger code execution, bypassing DEP and overwriting memo...

CVE-2020-37036

RM Downloader 2.50.60 is affected by a local buffer overflow in the Load parameter that can allow arbitrary code execution by overwriting memory. The vulnerability is described as exploitable via a crafted payload using an egg hunter technique to bypass protections, potentially enabling commands ...

MiracleLinux 9 : kernel-5.14.0-362.24.1.el9_3 (AXSA:2024-7637:09)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7637:09 advisory. kernel: inactive elements in nftpipapowalk CVE-2023-6817 kernel: netfilter: use-after-free in nfttransgccatchallsync leads to privilege escalation...

MiracleLinux 8 : kernel-4.18.0-477.10.1.el8_8 (AXSA:2023-5865:16)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5865:16 advisory. use-after-free caused by l2capreassemblesdu in net/bluetooth/l2capcore.c CVE-2022-3564 net/ulp: use-after-free in listening ULP sockets CVE-2023-046...

CVE-2025-48647

In cpmfwtpmsghandler of cpm/google/lib/tracepoint/cpmfwtpipc.c, there is a possible memory overwrite due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48647

In cpmfwtpmsghandler of cpm/google/lib/tracepoint/cpmfwtpipc.c, there is a possible memory overwrite due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48647

In cpmfwtpmsghandler of cpm/google/lib/tracepoint/cpmfwtpipc.c, there is a possible memory overwrite due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48647

In cpmfwtpmsghandler of cpm/google/lib/tracepoint/cpmfwtpipc.c, there is a possible memory overwrite due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48647

In cpmfwtpmsghandler of cpm/google/lib/tracepoint/cpmfwtpipc.c, there is a possible memory overwrite due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48647

CVE-2025-48647 affects the Google CPM IPC path: cpm_fwtp_msg_handler in cpm/google/lib/tracepoint/cpm_fwtp_ipc.c. The issue is a memory overwrite caused by improper input validation, enabling local elevation of privilege with no additional privileges or user interaction required. Impact is descri...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001432)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001432 advisory. An issue was discovered in aspeedlpcctrlmmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC...

PT-2026-3272

In cpm fwtp msg handler of cpm/google/lib/tracepoint/cpm fwtp ipc.c, there is a possible memory overwrite due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000683)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000683 advisory. On Linux running on PowerPC hardware Power8 or later a user process can craft a signal frame and then do a sigreturn so that the kernel will take an exception...

CVE-2026-22854

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap...

MiracleLinux 3 : cups-1.2.4-11.18.2.1AXS3 (AXSA:2008-510:05)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2008-510:05 advisory. The Common UNIX Printing System CUPS provides a portable printing layer for UNIXR operating systems. This patch fixes the following bugs: CVE-2008-36...

FreeRDP 安全漏洞

FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. A security vulnerability exists in FreeRDP versions prior to 3.20.1, which stems from a drive read where the server-controlled read length is used to read file data into the IRP output stream buffer...

CVE-2010-0360

Sun Java System Web Server aka SJWS 7.0 Update 7 allows remote attackers to overwrite memory locations in the heap, and discover the contents of memory locations, via a malformed HTTP TRACE request that includes a long URI and many empty headers, related to an "overflow." NOTE: this might overlap...

CVE-2021-31795

The PowerVR GPU kernel driver in pvrsrvkm.ko through 2021-04-24 for the Linux kernel, as used on Alcatel 1S phones, allows attackers to overwrite heap memory via PhysmemNewRamBackedPMR...