Allok RM RMVB to AVI MPEG DVD Converter 安全漏洞

Allok RM RMVB to AVI MPEG DVD Converter is a video encoding tool developed by Allok Corporation. Version 3.6.1217 of Allok RM RMVB to AVI MPEG DVD Converter contains a security vulnerability. This vulnerability stems from a stack buffer overflow in the License Name input field, which may allow fo...

CVE-2025-69872

DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...

CIPPlanner CIPAce 安全漏洞

CIPPlanner CIPAce is a business process automation and application development platform provided by the American company CIPPlanner. Versions of CIPPlanner CIPAce prior to version 9.17 contained security vulnerabilities. These vulnerabilities stemmed from the rich text editor and document...

Apple多款产品 安全漏洞

Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. A code execution vulnerability exists in several Apple products, which can be exploited by an attacker to execute arbitrary code...

AMD μProf 安全漏洞

AMD μProf is a software analysis tool developed by the American semiconductor company AMD. AMD μProf has a security vulnerability, which stems from improper permission allocation. This vulnerability may lead to privilege escalation and arbitrary code execution...

CVE-2026-21349

Lightroom Desktop versions 15.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-21349

Lightroom Desktop versions 15.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-29950

Improper input validation in system management mode SMM could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution...

CVE-2024-36355

Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 sleep wake up, potentially resulting in arbitrary code execution...

Arbitrary Code Execution

Overview Affected versions of this package are vulnerable to Arbitrary Code Execution via the Mongoid::Criteria.fromhash function. An attacker can execute arbitrary Ruby code by supplying a specially crafted Hash value. Remediation Upgrade mongoid to version 7.6.1, 8.0.12, 8.1.12, 9.0.10 or highe...

CVE-2025-29951

CVE-2025-29951 affects the AMD Secure Processor (ASP) bootloader. A buffer overflow could allow an attacker to overwrite memory, enabling privilege escalation and arbitrary code execution. Documents consistently describe the vulnerability across multiple feeds (NVD/Red Hat/CVE List/Amd bulletin) ...

CVE-2025-29951

A buffer overflow in the AMD Secure Processor ASP bootloader could allow an attacker to overwrite memory, potentially resulting in privilege escalation and arbitrary code execution...

CVE-2025-29951

A buffer overflow in the AMD Secure Processor ASP bootloader could allow an attacker to overwrite memory, potentially resulting in privilege escalation and arbitrary code execution...

CVE-2025-48515

Insufficient parameter sanitization in AMD Secure Processor ASP Boot Loader could allow an attacker with access to SPIROM upgrade to overwrite the memory, potentially resulting in arbitrary code execution...

CVE-2025-48515

CVE-2025-48515 concerns the AMD Secure Processor (ASP) Boot Loader. The provided documents describe insufficient parameter sanitization that could allow an attacker with access to a SPI ROM upgrade to overwrite memory, potentially enabling arbitrary code execution. The PT-2026-7464 entry reiterat...

CVE-2026-21349 Lightroom Desktop | Out-of-bounds Write (CWE-787)

Lightroom Desktop versions 15.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-36355

CVE-2024-36355 is an AMD SMM-related vulnerability: improper input validation in the System Management Mode (SMM) handler can enable a Ring0 attacker to write to SMRAM and alter execution flow during S3 wake, potentially allowing arbitrary code execution. Affected context appears in AMD EPYC/embe...

CVE-2024-36355

Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 sleep wake up, potentially resulting in arbitrary code execution...

CVE-2026-21352

DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-21353

DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...