CVE-2025-69749

Cross Site Scripting vulnerability in tale v.2.0.5 allows an attacker to execute arbitrary code...

Dummy BacklinkSpeed security vulnerability

Dummy BacklinkSpeed is an SEO automation tool developed by theDummy company. Version 2.4 of Dummy BacklinkSpeed contains a security vulnerability. This vulnerability arises from the possibility of buffer overflows caused by the import of malicious files, which can disrupt the structured exception...

TongSoft Audio Playback Recorder has a security vulnerability

TongSoft Audio Playback Recorder is an audio recording tool developed by TongSoft Corporation. Version 3.2.2 of TongSoft Audio Playback Recorder contains a security vulnerability. This vulnerability stems from local buffer overflows in pop-up windows and registration parameters, which may allow f...

CVE-2025-69749

Cross Site Scripting vulnerability in tale v.2.0.5 allows an attacker to execute arbitrary code...

BearShare Lite security vulnerability

BearShare Lite is a peer-to-peer file sharing software developed by the BearShare company. Version 5.2.5 of BearShare Lite contains a security vulnerability, which stems from a buffer overflow in the advanced search keyword input field, potentially allowing for the execution of arbitrary code...

PT-2026-5285

BearShare Lite 5.2.5 contains a buffer overflow vulnerability in the Advanced Search keywords input that allows attackers to execute arbitrary code. Attackers can craft a specially designed payload to overwrite the EIP register and execute shellcode by pasting malicious content into the search...

ROS-20260129-73-0006

Vulnerability in gdb related to writing outside buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to execute arbitrary code...

ROS-20260129-73-0007

Vulnerability in gdb related to writing outside buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to execute arbitrary code...

ROS-20260129-73-0044

Vulnerability in python-django related to failure to protect sql query structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260129-73-0010

A vulnerability in the Despeckle Plugin component of the GIMP graphics editor is related to memory buffer overruns. Exploitation of the vulnerability could allow an attacker to cause a denial of service or execute arbitrary code...

CVE-2026-24856

CVE-2026-24856 affects iccDEV up to version 2.3.1.2. The issue is an undefined behavior when converting floating-point NaN values to unsigned short integers during ICC profile XML parsing, which can corrupt memory structures and enable arbitrary code execution. The fix is in version 2.3.1.2. IBM/...

CVE-2026-24856

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Versions prior to 2.3.1.2 have an undefined behavior issue when floating-point NaN values are converted to unsigned short integer types during ICC profile X...

CVE-2025-61731

Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The "cgo pkg-config:" directive in a Go source file provides command-line arguments to provide to the Go pkg-config command. An attacker can provide a...

CVE-2025-61731

Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The "cgo pkg-config:" directive in a Go source file provides command-line arguments to provide to the Go pkg-config command. An attacker can provide a...

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection. Go Vulnerability Report: Downloading and building modules with malicious version strings can cause local code execution. On systems with Mercurial hg installed, downloading modules from non-standard sources e.g...

CVE-2020-36971

Nidesoft 3GP Video Converter 2.6.18 contains a local stack buffer overflow vulnerability in the license registration parameter. Attackers can craft a malicious payload and paste it into the 'License Code' field to execute arbitrary code on the system...

CVE-2025-61140

A flaw was found in jsonpath. The value function is vulnerable to Prototype Pollution, a type of vulnerability that allows an attacker to inject or modify properties of an object's prototype. This can lead to various impacts, including arbitrary code execution, privilege escalation, or denial of...

CVE-2020-36971

CVE-2020-36971 affects Nidesoft 3GP Video Converter 2.6.18. The vulnerability is a local stack buffer overflow in the license registration parameter; an attacker can craft a malicious payload in the License Code field to execute arbitrary code on the host. Provided sources consistently describe t...

EUVD-2020-30878

Nidesoft 3GP Video Converter 2.6.18 contains a local stack buffer overflow vulnerability in the license registration parameter. Attackers can craft a malicious payload and paste it into the 'License Code' field to execute arbitrary code on the system...

CVE-2020-36965 docPrint Pro 8.0 - 'Add URL' Buffer Overflow (SEH Egghunter)

docPrint Pro 8.0 contains a local buffer overflow vulnerability in the 'Add URL' input field that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payload that triggers a structured exception handler SEH overwrite to execute shellcode and gain remo...