22 matches found

RedhatCVE
added 2025/05/21 8:17 a.m. · 9 views

CVE-2025-47755

V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!VS4SaveEnvFile function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution...

CVSS 8.4 · AI score 7.5 · EPSS 0.00191
Exploits 0 · References 1

NVD
added 2025/05/19 8:15 a.m. · 10 views

CVE-2025-47753

V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!CDrawSLine::GetRectArea function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution...

CVSS 8.4 · EPSS 0.00191
Exploits 0 · References 2

Positive Technologies
added 2025/05/14 12:0 a.m. · 2 views

PT-2025-21915 · V-Sft · V-Sft

Name of the Vulnerable Software and Affected Versions: V-SFT versions 6.2.5.0 and earlier Description: The issue is related to an out-of-bounds write in the VS6MemInIF!set temp type default function. Opening specially crafted V7 or V8 files may lead to a crash, information disclosure, and arbitra...

CVSS 8.4 · AI score 6.8 · EPSS 0.00191
Exploits 0 · References 10

Tenable Nessus
added 2025/03/05 12:0 a.m. · 8 views

Linux Distros Unpatched Vulnerability : CVE-2022-35409

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0. In some configurations, an unauthenticated attacker can send an invalid ClientHello...

CVSS 9.1 · AI score 8.2 · EPSS 0.01831
Exploits 1 · References 3

Tenable Nessus
added 2024/11/09 12:0 a.m. · 10 views

FreeBSD : lrzsz -- Integer overflow in zmodem, crash and information leak (adffe51e-9df5-11ef-a660-d85ed309193e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the adffe51e-9df5-11ef-a660-d85ed309193e advisory. [email protected] reports: Lrzsz has an integer overflow vulnerability in the src/zm.c:zsdata function. An...

CVSS 7.1 · AI score 5.7 · EPSS 0.00391
Exploits 0 · References 3

Talos
added 2024/02/28 12:0 a.m. · 32 views

Google Chrome Video Encoder Metrics denial of service vulnerability

Talos Vulnerability Report TALOS-2023-1870 Google Chrome Video Encoder Metrics denial of service vulnerability February 28, 2024 CVE Number None SUMMARY A denial of service vulnerability exists in the Video Encoder Metrics functionality of Google Chrome Chrome Stable 119.0.6045.160 64-bit and...

AI score 7.5
Exploits 0

Cvelist
added 2023/11/01 7:5 p.m. · 21 views

CVE-2023-3397 Kernel: slab-use-after-free write in txend due to race condition

A race condition occurred between the functions lmLogClose and txEnd in JFS, in the Linux Kernel, executed in different threads. This flaw allows a local attacker with normal user privileges to crash the system or leak internal kernel information...

CVSS 7 · AI score 6.9 · EPSS 0.00199
Exploits 0 · References 3

Positive Technologies
added 2023/03/27 12:0 a.m. · 1 views

PT-2023-35735 · Git +1 · Ndpi

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN WRITE, with a crash state involving the processCertificateElements function in the fuzz tls certificate.c...

AI score 6.9
Exploits 0 · References 2

Positive Technologies
added 2022/09/08 12:0 a.m. · 1 views

PT-2022-37256 · Git +1 · Bluez

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Heap-double-free. The crash state involves files named fuzz textfile.c. No information is provided abo...

AI score 6.9
Exploits 0 · References 2

Positive Technologies
added 2022/08/18 12:0 a.m. · 2 views

PT-2022-37189 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-underflow read error. Technical details about the crash include the functions gs type2 interpret, copied type1 gly...

AI score 6.8
Exploits 0 · References 2

Talos
added 2021/04/15 12:0 a.m. · 19 views

Cosori Smart 5.8-Quart Air Fryer CS158-AF configuration server code execution vulnerability

Summary A heap-based buffer overflow vulnerability exists in the configuration server functionality of the Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to remote code execution. An attacker can send a malicious packet to trigger this vulnerability...

CVSS 9.8 · AI score 9.4 · EPSS 0.02545
Exploits 1

Talos
added 2021/01/05 12:0 a.m. · 67 views

Genivia gSOAP WS-Addressing plugin denial-of-service vulnerability

Summary A denial-of-service vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions Genivia gSOAP 2.8.107 Product UR...

CVSS 7.5 · AI score 8.3 · EPSS 0.02267
Exploits 1

Talos
added 2020/11/12 12:0 a.m. · 47 views

Pixar OpenUSD binary file format specs memory corruption

Summary An out-of-bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 uses SPECS data from binary USD files. A specially crafted malformed file can trigger an out-of-bounds memory access and modification which results in memory corruption. To trigger this vulnerability, t...

CVSS 6.3 · AI score 6.7 · EPSS 0.00789
Exploits 1

Exploit DB
added 2020/04/13 12:0 a.m. · 148 views

Free Desktop Clock x86 Venetian Blinds Zipper 3.0 - Unicode Stack Overflow (SEH)

Exploit Title: Free Desktop Clock x86 Venetian Blinds Zipper 3.0 - Unicode Stack Overflow SEH Exploit Author: Bobby Cooke Date: 2020-04-11 Vendor: Drive Software Company Vendor Site: http://www.drive-software.com Software Download: http://www.drive-software.com/download/freeclock.exe Tested On:...

AI score 7.4
Exploits 0

Talos
added 2018/03/01 12:0 a.m. · 34 views

Simple DirectMedia Layer SDL2_image Image Palette Population Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the BMP image rendering functionality of SDL2_image-2.0.2. A specially crafted BMP image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. Tested...

CVSS 8.8 · AI score 8.8 · EPSS 0.02395
Exploits 0

OSV
added 2017/09/13 10:33 a.m. · 23 views

SUSE-SU-2017:2449-1 Recommended update for apache2

This update for apache2 provides the following fixes: Security issues fixed: CVE-2017-9788: The value placeholder in Proxy-Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '='...

CVSS 9.8 · AI score 8.8 · EPSS 0.5677
Exploits 3 · References 13

Kitploit
added 2015/03/19 12:20 a.m. · 24 views

BlueScreenView - Blue Screen of Death (STOP error) information in dump files

BlueScreenView scans all your minidump files created during 'blue screen of death' crashes, and displays the information about all crashes in one table. For each crash, BlueScreenView displays the minidump filename, the date/time of the crash, the basic crash information displayed in the blue...

AI score 6.9
Exploits 0

CVE
added 2013/03/12 10:0 p.m. · 86 views

CVE-2012-5660

Summary: CVE-2012-5660 affects ABRT (Automatic Bug Reporting Tool) components, notably abrt-action-install-debuginfo, in ABRT 2.0.9 and earlier. The vulnerability allows a local attacker to set world-writable permissions on arbitrary files and potentially gain privileges via a symlink attack in t...

CVSS 6.9 · AI score 6.1 · EPSS 0.00313
Exploits 1 · References 3 · Affected Software 1

RedHat Linux
added 2013/01/31 7:14 p.m. · 2 views

abrt: Race condition in abrt-action-install-debuginfo

abrt-action-install-debuginfo in Automatic Bug Reporting Tool ABRT 2.0.9 and earlier allows local users to set world-writable permissions for arbitrary files and possibly gain privileges via a symlink attack on "the directories used to store information about crashes."...

CVSS 6.9 · AI score 5.9 · EPSS 0.00313
Exploits 1 · References 4

Exploit DB
added 2009/09/10 12:0 a.m. · 37 views

WarFTPd 1.82.00-RC12 - 'LIST' Format String Denial of Service

Vulnerability : War FTP Daemon Format String DoS LIST command Detected by : corelanc0d3r corelanc0d3ratgmaildotcom Type : remote DoS OS : Windows Product : Jgaa's War FTP Daemon Versions affected : 1.82 RC 12 Download link : http://www.warftp.org/?menu=344...

AI score 7.4
Exploits 0