CVE-2026-35254

A flaw was found in Oracle OCI CLI. An unauthenticated attacker with network access can exploit this vulnerability, allowing imported files to be placed outside their intended directory. This could lead to arbitrary file placement, potentially enabling an attacker to write malicious files to...

EUVD-2026-26028

AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code execution with system privileges when the system loads the DLL...

CVE-2026-30896

The installer for Qsee Client versions 1.0.1 and prior insecurely load Dynamic Link Libraries DLLs. When a user is directed to place some malicious DLL to the same directory and execute the affected installer, then arbitrary code may be executed with the administrative privilege...

EUVD-2026-10295

The installer for Qsee Client versions 1.0.1 and prior insecurely load Dynamic Link Libraries DLLs. When a user is directed to place some malicious DLL to the same directory and execute the affected installer, then arbitrary code may be executed with the administrative privilege...

Unchecked Buffer in Decompression Functions(Q329048)

Two vulnerabilities exist in the Compressed Folders function: An unchecked buffer exists in the programs that handles the decompressing of files from a zipped file. A security vulnerability results because attempts to open a file with a specially malformed filename contained in a zipped file coul...