312 matches found
CVE-2026-57895
Incorrect default permissions issue exists in Pupsman versions prior to 3.9.0. An attacker can place a malicious executable in the installation folder, which results in arbitrary code execution with SYSTEM privilege...
EUVD-2026-42165
Uncontrolled search path element issue exists in Pupsman versions prior to 3.9.0. If a crafted DLL file is placed in the same folder as the affected installer and the installer is executed, arbitrary code may be executed with SYSTEM privilege...
CVE-2026-58127
PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via PacsgearMediaServerEngine.dll, registered with ObjectURIs RemoteObj and UIRemoteObj, without any authentication requirement. By exploiting the MarshalByRefObject object unmarshalling technique and implementing .NET...
CVE-2026-9780
Quest NetVault Backup addclient3 Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Quest NetVault Backup. User interaction is required to exploit this vulnerability in that the target must vis...
PT-2026-52143
Name of the Vulnerable Software and Affected Versions Quest NetVault Backup affected versions not specified Description An authentication bypass issue exists within the 'viewclient' webpage due to improper validation of user-supplied data. This allows remote attackers to inject arbitrary scripts,...
PT-2026-49612
Incorrect default permissions issue exists in Optical Disc Archive Software for Windows 5.5.3 and earlier. If this vulnerability is exploited, arbitrary code may be executed with SYSTEM privileges...
Microsoft Windows Narrator Braille Support brlapi Exposed Dangerous Function Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Additionally, Braille support for Narrator must be...
CVE-2026-25551
Seagull Software BarTender 2021 R1 through 12.0.1 contains an insecure deserialization vulnerability that allows low-privileged local users to escalate privileges. The DataServiceSingleton .NET Remoting endpoint is bound to localhost on TCP port 7375 via BtSystem.Service.exe, limiting the attack...
ALPINE-CVE-2026-6637
Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged database user to execute arbitrary code as the operating system user running the database. A distinct attack is possible if the application declares a user-controlled column as a "refint" cascade primary key and facilitate...
CVE-2026-6637
Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged database user to execute arbitrary code as the operating system user running the database. A distinct attack is possible if the application declares a user-controlled column as a "refint" cascade primary key and facilitate...
CVE-2026-6788
WatchGuard Agent for Windows is affected by CVE-2026-6788 (Uncontrolled Search Path Element) in PluginLauncher, allowing SYSTEM code execution through malicious files. Affected: WatchGuard Agent prior to 1.25.03.0000. The issue’s impact per the provided metrics includes high impact on confidentia...
CVE-2026-6788 Uncontrolled search path in PluginLauncher allows SYSTEM code execution in WatchGuard Agent
Uncontrolled Search Path Element vulnerability in WatchGuard Agent on Windows allows Using Malicious Files.This issue affects WatchGuard Agent before 1.25.03.0000...
Sandboxie-Plus 安全漏洞
Sandboxie-Plus is a sandbox isolation software developed by Sandboxie-Plus Inc. Versions of Sandboxie-Plus 1.17.2 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the use of wcscat to copy the server field in NamedPipeServer::OpenHandler, without verifying the...
Sandboxie-Plus 安全漏洞
Sandboxie-Plus is a sandbox isolation software developed by Sandboxie-Plus Inc. Versions of Sandboxie-Plus 1.17.2 and earlier contained security vulnerabilities. These vulnerabilities were caused by a stack buffer overflow in the RunSbieCtrl processor of the SbieIniServer module, which could lead...
Sandboxie-Plus 安全漏洞
Sandboxie-Plus is a sandbox isolation software developed by Sandboxie-Plus Inc. Versions of Sandboxie-Plus 1.17.2 and earlier contain security vulnerabilities. These vulnerabilities stem from the ProcessServer processing program’s use of wcscpy to copy the boxname field, without verifying an empt...
CVE-2026-7372
A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability. Stack-overflow via...
CVE-2026-7372
CVE-2026-7372 affects GeoVision GV-VMS V20 20.0.2, specifically the WebCam Server Login functionality. A stack overflow is triggered by an unconstrained sscanf when parsing the Authorization string, where username or password extracted content may exceed 40 characters, overwriting the stack. The ...
CVE-2026-7372 GeoVision GV-VMS V20 WebCam Server Login stack overflow vulnerability
A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability. Stack-overflow via...
EUVD-2026-26860
GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other security devices. It is a native application accessed locally, but it is also possible to enable remote access via the "WebCam Server" feature. Once enabled, it is possible to access t...
CVE-2026-42369
GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other security devices. It is a native application accessed locally, but it is also possible to enable remote access via the "WebCam Server" feature. Once enabled, it is possible to access t...