CVE-2018-25284 HD Tune Pro 5.70 Denial of Service via Options Dialog

HD Tune Pro 5.70 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the folder/file name field. Attackers can trigger a denial of service by entering a 6000-byte payload through the File Options Save dialog's...

EUVD-2018-21804

HD Tune Pro 5.70 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the folder/file name field. Attackers can trigger a denial of service by entering a 6000-byte payload through the File Options Save dialog's...

CVE-2018-25284

HD Tune Pro 5.70 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the folder/file name field. Attackers can trigger a denial of service by entering a 6000-byte payload through the File Options Save dialog's...

CVE-2018-25284

HD Tune Pro 5.70 is affected by a local denial-of-service vulnerability due to a buffer overflow in the File > Options > Save dialog, specifically in the folder/file name input field. A 6000-byte payload can crash the application when supplied as the name, indicating an exploitable overflow...

CVE-2018-25284 HD Tune Pro 5.70 Denial of Service via Options Dialog

HD Tune Pro 5.70 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the folder/file name field. Attackers can trigger a denial of service by entering a 6000-byte payload through the File Options Save dialog's...

CVE-2018-25283

CVE-2018-25283 affects iSmartViewPro 1.5. The vulnerability is a SEH-based buffer overflow in the 'Save Path for Snapshot and Record file' field. A crafted payload exceeding 260 bytes via the System Setup interface can overwrite SEH records and execute shellcode with application privileges, enabl...

EUVD-2018-21803

iSmartViewPro 1.5 contains a structured exception handling SEH buffer overflow vulnerability in the 'Save Path for Snapshot and Record file' field that allows local attackers to execute arbitrary code. Attackers can input a crafted payload exceeding 260 bytes through the System Setup interface to...

CVE-2018-25283 iSmartViewPro 1.5 Buffer Overflow via SavePath Parameter

iSmartViewPro 1.5 contains a structured exception handling SEH buffer overflow vulnerability in the 'Save Path for Snapshot and Record file' field that allows local attackers to execute arbitrary code. Attackers can input a crafted payload exceeding 260 bytes through the System Setup interface to...

CVE-2018-25283 iSmartViewPro 1.5 Buffer Overflow via SavePath Parameter

iSmartViewPro 1.5 contains a structured exception handling SEH buffer overflow vulnerability in the 'Save Path for Snapshot and Record file' field that allows local attackers to execute arbitrary code. Attackers can input a crafted payload exceeding 260 bytes through the System Setup interface to...

HD Tune Pro 安全漏洞

HD Tune Pro is a disk analysis tool developed by HD Tune Inc., used to test hard drive performance, health status, and detect errors. Version 5.70 of HD Tune Pro contains a security vulnerability. This vulnerability stems from a buffer overflow issue when submitting excessively long strings throu...

PT-2026-35254

HD Tune Pro 5.70 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the folder/file name field. Attackers can trigger a denial of service by entering a 6000-byte payload through the File Options Save dialog's...

Smarteye iSmartViewPro 安全漏洞

Smarteye iSmartViewPro is a remote monitoring application for webcams developed by Smarteye Company in China. Version 1.5 of Smarteye iSmartViewPro contains a security vulnerability. This vulnerability stems from an improper handling of structured data in the “Save Path for Snapshot and Record”...

PT-2026-35253

iSmartViewPro 1.5 contains a structured exception handling SEH buffer overflow vulnerability in the 'Save Path for Snapshot and Record file' field that allows local attackers to execute arbitrary code. Attackers can input a crafted payload exceeding 260 bytes through the System Setup interface to...

CVE-2026-33077

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the oldconfig parameter in the haproxysectionsave interface has an arbitrary file read vulnerability. Version 8.2.6.4 fixes the issue...

[SECURITY] Fedora 44 Update: buildah-1.43.1-1.fc44

The buildah package provides a command line tool which can be used to create a working container from scratch or create a working container from an image as a starting point mount/umount a working container's root file system for manipulation save container's root file system layer to create a ne...

CVE-2026-33077

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the oldconfig parameter in the haproxysectionsave interface has an arbitrary file read vulnerability. Version 8.2.6.4 fixes the issue...

CVE-2026-33076

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the haproxysectionsave interface presents a vulnerability that could lead to remote code execution due to path traversal and writing into scheduled tasks. Version 8.2.6.4 fixes the iss...

CVE-2026-33078 Roxy-WI has SQL Injection in haproxy_section_save Endpoint via Unsanitized server_ip Parameter

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Versions prior to 8.2.6.4 have a SQL injection vulnerability in the haproxysectionsave function in app/routes/config/routes.py. The serverip parameter, sourced from the URL path, is passed unsanitized through...

CVE-2026-33078 Roxy-WI has SQL Injection in haproxy_section_save Endpoint via Unsanitized server_ip Parameter

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Versions prior to 8.2.6.4 have a SQL injection vulnerability in the haproxysectionsave function in app/routes/config/routes.py. The serverip parameter, sourced from the URL path, is passed unsanitized through...

CVE-2026-33078

Roxy-WI prior to version 8.2.6.4 contains a SQL injection in the haproxy_section_save endpoint (app/routes/config/routes.py). The server_ip parameter, sourced from the URL path, is passed unsanitized through multiple calls and interpolated into a SQL query string using Python string formatting, e...