CVE-2023-20514

Improper handling of parameters in the AMD Secure Processor ASP could allow a privileged attacker to pass an arbitrary memory value to functions in the trusted execution environment resulting in arbitrary code execution...

CVE-2024-36324

Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution...

CVE-2024-36324

The CVE-2024-36324 entry concerns the AMD Graphics Driver, where improper input validation could let an attacker supply a crafted pointer and achieve arbitrary code execution. The vulnerability is documented across multiple sources (NVD, Red Hat, CVE lists) with a CVSS v3.1 base score of 8.8 (HIG...

CVE-2024-36324

Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution...

CVE-2025-48503

CVE-2025-48503 is described as a DLL hijacking vulnerability in the AMD Software Installer that could enable privilege escalation and potentially arbitrary code execution. The primary affected component is the AMD Software Installer (and related AMD graphics software) as noted in multiple feeds, ...

CVE-2025-48503

A DLL hijacking vulnerability in the AMD Software Installer could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution...

CVE-2025-48503

A DLL hijacking vulnerability in the AMD Software Installer could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution...

CVE-2026-25655

A vulnerability has been identified in SINEC NMS All versions V4.0 SP2. The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially leading to arbitrary code execution with administrative...

CVE-2026-22923

A vulnerability has been identified in NX All versions V2512, NX Managed Mode All versions V2512. The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially...

libsoup: Stack-Based Buffer Overflow in libsoup Multipart Response Parsingmultipart HTTP response

A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially crafted multipart HTTP response, which can lead to memory corruption...

RLSA-2026:2222 Important: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: FreeRDP: Heap buffer overflow leading to denial of service and...

freerdp security update

An update is available for freerdp. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeRDP is a free implementation of the Remote Desktop Protocol RDP, release...

CVE-2026-25880

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary explorer.exe located in the same directory as the opened PDF when the user clicks File → “Show in folder”. This behavior leads to arbitrary code execution on the victim’s...

UTT 520W goform/formIpGroupConfig file buffer overflow vulnerability

The UTT 520W is a wireless router from China Aitai UTT. A buffer overflow vulnerability exists in the UTT 520W goform/formIpGroupConfig file, which originates from the failure of the parameter groupName in the file /goform/formIpGroupConfig to correctly validate the length of the input data, and...

CVE-2025-69872

DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...

Zilab Remote Console Server 代码问题漏洞

Zilab Remote Console Server is a series of serial port servers developed by the German company Zilab. Version 3.2.9 of Zilab Remote Console Server contains a code vulnerability caused by an unquoted service path. This vulnerability could allow local attackers to execute arbitrary code with elevat...

AMD Secure Processor 安全漏洞

The AMD Secure Processor is an independent ARM Coretex-A5 chip developed by the American semiconductor company AMD. The AMD Secure Processor has a security vulnerability that stems from improper parameter handling, which may allow for the execution of arbitrary code...

AMD Vivado 安全漏洞

AMD Vivado is a hardware development and integrated design environment provided by the American semiconductor company AMD. AMD Vivado has security vulnerabilities, which stem from DLL hijacking. These vulnerabilities may allow local attackers to gain elevated privileges, enabling them to execute...

AMD μProf 安全漏洞

AMD μProf is a software analysis tool developed by the American semiconductor company AMD. AMD μProf has a security vulnerability, which stems from improper permission allocation. This vulnerability may lead to privilege escalation and arbitrary code execution...

TorrentRockYou Torrent 3GP Converter 安全漏洞

TorrentRockYou Torrent 3GP Converter is a video format conversion tool developed by TorrentRockYou Corporation. Version 1.51 of TorrentRockYou Torrent 3GP Converter has a security vulnerability; this vulnerability stems from a stack buffer overflow, which may allow for the execution of arbitrary...