CVE-2026-21427

The installers for multiple products provided by PIONEER CORPORATION contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running installer...

EUVD-2026-1590

The installers for multiple products provided by PIONEER CORPORATION contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running installer...

CVE-2025-66837

A file upload vulnerability in ARIS 10.0.23.0.3587512 allows attackers to execute arbitrary code via uploading a crafted PDF file/Malware...

CVE-2025-66913

Summary (CVE-2025-66913) JimuReport (through v2.1.3) is vulnerable to remote code execution when handling user-controlled H2 JDBC URLs: the application passes the attacker-supplied JDBC URL directly to the H2 driver, allowing directives to execute arbitrary Java code. The issue is distinct from C...

libsoup 安全漏洞

libsoup is a GNOME HTTP client/server library from the GNOME Project. A security vulnerability exists in libsoup, which stems from a stack buffer overflow in the md4sum function in the NTLM authentication module, which could lead to the execution of arbitrary code...

PT-2026-1977

Name of the Vulnerable Software and Affected Versions libsoup affected versions not specified Description A flaw exists in the NTLM authentication handling of the libsoup HTTP library. An improper use of signed integers during a size calculation when processing long passwords can lead to an integ...

Trend Micro Apex Central 安全漏洞

Trend Micro Apex Central is a web-based console from Trend Micro, Inc. A security vulnerability exists in Trend Micro Apex Central, which stems from a LoadLibraryEX vulnerability that could lead to the execution of arbitrary code by an unauthenticated, remote attacker...

CVE-2019-25268 NREL BEopt 2.8.0 Insecure Library Loading Arbitrary Code Execution

NREL BEopt 2.8.0.0 contains a DLL hijacking vulnerability that allows attackers to load arbitrary libraries by tricking users into opening application files from remote shares. Attackers can exploit insecure library loading of sdl2.dll and libegl.dll by placing malicious libraries on WebDAV or SM...

CVE-2019-25231

Summary of CVE-2019-25231 (Devolo dLAN Cockpit 4.3.1) : The unquoted service path vulnerability affects the DevoloNetworkService in devolo dLAN Cockpit 4.3.1, allowing local, non-privileged users to potentially execute arbitrary code by placing malicious code in the system root path. This could e...

CVE-2026-22189

Panda3D versions up to and including 1.10.16 egg-mkfont contains a stack-based buffer overflow vulnerability due to use of an unbounded sprintf call with attacker-controlled input. When constructing glyph filenames, egg-mkfont formats a user-supplied glyph pattern -gp into a fixed-size stack buff...

CVE-2025-66837

A file upload vulnerability in ARIS 10.0.23.0.3587512 allows attackers to execute arbitrary code via uploading a crafted PDF file/Malware...

CVE-2025-66837

A file upload vulnerability in ARIS 10.0.23.0.3587512 allows attackers to execute arbitrary code via uploading a crafted PDF file/Malware...

CVE-2013-6079

Buffer overflow in MostGear Soft Easy LAN Folder Share 3.2.0.100 allows local users to cause a denial of service application crash and possibly execute arbitrary code via a long string in the 1 registration code field in the activate license window or the 2...

CVE-2022-27541

Potential Time-of-Check to Time-of Use TOCTOU vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure...

CVE-2022-27532

A maliciously crafted TIF file in Autodesk 3ds Max 2022 and 2021 can be used to write beyond the allocated buffer while parsing TIF files. This vulnerability in conjunction with other vulnerabilities could lead to arbitrary code execution...

CVE-2022-27963

Xftp 7.0.0088p and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...

CVE-2022-27870

A maliciously crafted TGA file in Autodesk AutoCAD 2023 may be used to write beyond the allocated buffer while parsing TGA file. This vulnerability may be exploited to execute arbitrary code...

CVE-2022-27869

A maliciously crafted TIFF file in Autodesk AutoCAD 2023 can be forced to read and write beyond allocated boundaries when parsing the TIFF file. This vulnerability can be exploited to execute arbitrary code...

CVE-2022-27964

Xmanager v7.0.0096 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file...

CVE-2022-27865

A maliciously crafted TGA or PCX file may be used to write beyond the allocated buffer through DesignReview.exe application while parsing TGA and PCX files. This vulnerability may be exploited to execute arbitrary code...