220 matches found
CVE-2025-25193 Denial of Service attack on windows app using Netty
Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up to and including 4.1.118.Final. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file...
CVE-2025-25193
CVE-2025-25193 affects Netty (versions up to and including 4.1.118.Final). The flaw arises from an unsafe reading of an environment file, which can cause a denial of service. On Windows, Netty loads a non-existent file; if an attacker creates a very large file, the Netty application can crash. Th...
CVE-2025-25193 Denial of Service attack on windows app using Netty
Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up to and including 4.1.118.Final. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file...
CVE-2025-25193 Denial of Service attack on windows app using Netty
Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up to and including 4.1.118.Final. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file...
CVE-2025-25193
Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up to and including 4.1.118.Final. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file...
Denial of Service attack on windows app using Netty
Summary An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attemps to load a file that does not exist. If an attacker creates such a large file, the Netty application crash. Details A similar issue was previousl...
netty: Denial of Service attack on windows app using Netty
A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes...
CVE-2024-3429
A path traversal vulnerability exists in the parisneo/lollms application, specifically within the sanitizepathfromendpoint and sanitizepath functions in lollmscore\lollms\security.py. This vulnerability allows for arbitrary file reading when the application is running on Windows. The issue arises...
Argus Surveillance DVR 4.0.0.0 - Directory Traversal
This module leverages an unauthenticated arbitrary file read for the Argus Surveillance 4.0.0.0 system which never saw an update since. As this is a Windows related application we recommend looking for common Windows file locations, especially C:\ProgramData\PYSoftware\Argus Surveillance...
CVE-2024-47535
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts ...
About the security content of Apple Music 1.5.0.152 for Windows
About the security content of Apple Music 1.5.0.152 for Windows This document describes the security content of Apple Music 1.5.0.152 for Windows. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has...
PVS SOAP Service Crashes After Running the Auto Update
Provisioning Services Simple Object Access Protocol service crashes after running the Auto Update. The Auto Update feature in Provisioning Services PVS allows a master target to receive an update and roll it out to the target devices. The completion is signaled to the Windows Application log by a...
CVE-2024-6286
Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows...
CVE-2024-33865
An issue was discovered in linqi before 1.4.0.1 on Windows. There is an NTLM hash leak via the /api/Cdn/GetFile and /api/DocumentTemplate/GUID endpoints...
PT-2024-21240 · Dell · Dell Grab For Windows
Name of the Vulnerable Software and Affected Versions: Dell Grab for Windows versions 5.0.4 and below Description: The issue is related to improper file permissions, which could be exploited by a locally authenticated attacker to disclose certain system information. A locally authenticated attack...
CDeX 安全漏洞
CDeX is a free software package from CDeX Inc. It is used to extract digital audio from audio CDs and convert audio formats for Microsoft Windows. A security vulnerability exists in CDeX 5.7.1 and earlier versions that stems from the presence of an open redirection vulnerability. An attacker can...
Number withdrawn
Sumatra PDF is a software application. PDF, ePub, MOBI, CHM, XPS, DjVu, CBZ, CBR readers for Windows. This CVE number has been withdrawn...
The vulnerability of the Jorani employee leave management software lies in the incorrect restriction on the path to the restricted catalog. This allows a hacker to execute arbitrary code.
The vulnerability of the Jorani application for Windows is related to an incorrect limitation on the path to the restricted access directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
Alexander Maier EisBaer Scada Path Traversal Vulnerability
Alexander Maier EisBaer Scada is a visual reality display and control program created on Windows operating systems by Alexander Maier of Germany. Alexander Maier EisBaer Scada suffers from a path traversal vulnerability that stems from an incorrect restriction on pathnames to restricted directori...
Security Bulletin: IBM i Access Client Solutions - Windows Application Package is vulnerable to a timing issue with RSA Decryption in GSKit builds prior to 8.0.55.31 (CVE-2023-32342)
Summary IBM GSKit is used by IBM i Access Client Solutions - Windows Application Package when making TLS connections to an IBM i partition. If an RSA cipher is used, IBM GSKit could allow a remote attacker to obtain sensitive information. Vulnerability Details CVEID:CVE-2023-32342 DESCRIPTION: IB...