CVE-2018-25267 UltraISO 9.7.1.3519 Buffer Overflow via Output FileName

UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304 bytes of data followed by SEH record overwrite...

Linux Distros Unpatched Vulnerability : CVE-2026-4426

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field pzlog2bs...

DEBIAN-CVE-2025-67749

PCSX2 is a free and open-source PlayStation 2 PS2 emulator. In versions 2.5.377 and below, an unchecked offset and size used in a memcpy operation inside PCSX2's CDVD SCMD 0x91 and SCMD 0x8F handlers allow a specially crafted disc image or ELF to cause an out-of-bounds read from emulator memory...

CVE-2025-67749 PCSX2 has an Out-of-bounds Read due to unchecked offset and size passed to memcpy

PCSX2 is a free and open-source PlayStation 2 PS2 emulator. In versions 2.5.377 and below, an unchecked offset and size used in a memcpy operation inside PCSX2's CDVD SCMD 0x91 and SCMD 0x8F handlers allow a specially crafted disc image or ELF to cause an out-of-bounds read from emulator memory...

CVE-2025-67749

CVE-2025-67749 affects PCSX2 up to version 2.5.377. The issue arises from an unchecked offset and size used in a memcpy inside CDVD SCMD 0x91 and 0x8F handlers, allowing an specially crafted disc image or ELF to cause an out-of-bounds read from emulator memory (offset/size controlled via MG heade...

Linux Distros Unpatched Vulnerability : CVE-2025-49589

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCSX2 is a free and open-source PlayStation 2 PS2 emulator. A stack-based buffer overflow exists in the KprintfHLE function of PCSX2 versions up to 2.3.414...

SUSE CVE-2024-36600

Buffer Overflow Vulnerability in libcdio 2.2.0 fixed in 2.3.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file...

China-Linked Hackers Target Myanmar's Top Ministries with Backdoor Blitz

The China-based threat actor known as Mustang Panda is suspected to have targeted Myanmar's Ministry of Defence and Foreign Affairs as part of twin campaigns designed to deploy backdoors and remote access trojans. The findings come from CSIRT-CTI, which said the activities took place in November...

SUSE CVE-2015-8930

bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service infinite loop via an ISO with a directory that is a member of itself...

PT-2022-5404 · Microsoft · Windows Cd-Rom File System Driver +1

Name of the Vulnerable Software and Affected Versions: Windows CD-ROM File System Driver affected versions not specified Description: The issue is related to an integer overflow in the Windows CD-ROM File System Driver. This allows a remote attacker to execute arbitrary code by using a specially...

CVE-2020-9320

Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive. This affects versions before 8.3.54.138 of Antivirus for Endpoint, Antivirus for Small Business, Exchange Security Gateway, Internet Security Suite for Windows, Prime, Free Security Suite for Windows, and...

libcdio: Heap-based buffer over-read in print_iso9660_recurse function in iso-info.c

A heap corruption bug was found in the way libcdio handled processing of ISO files. An attacker could potentially use this flaw to crash applications using libcdio by tricking them into processing crafted ISO files, thus resulting in local DoS...

DEBIAN-CVE-2016-6250

Integer overflow in the ISO9660 writer in libarchive before 3.2.1 allows remote attackers to cause a denial of service application crash or execute arbitrary code via vectors related to verifying filename lengths when writing an ISO9660 archive, which trigger a buffer overflow...

kernel: isofs: unchecked printing of ER records

An information leak flaw was found in the way the Linux kernel's ISO9660 file system implementation accessed data on an ISO9660 image with RockRidge Extension Reference ER records. An attacker with physical access to the system could use this flaw to disclose up to 255 bytes of kernel memory...

kernel: isofs: unchecked printing of ER records

An information leak flaw was found in the way the Linux kernel's ISO9660 file system implementation accessed data on an ISO9660 image with RockRidge Extension Reference ER records. An attacker with physical access to the system could use this flaw to disclose up to 255 bytes of kernel memory...

Debian DLA-155-1 : linux-2.6 security update

This update fixes the CVEs described below. A further issue, CVE-2014-9419, was considered, but appears to require extensive changes with a consequent high risk of regression. It is now unlikely to be fixed in squeeze-lts. CVE-2013-6885 It was discovered that under specific circumstances, a...

kernel: isofs: unbound recursion when processing relocated directories

It was found that the parserockridgeinodeinternal function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link CL tags. An attacker with physical access to the system could use a specially crafted ISO image to crash the...

kernel: isofs: unbound recursion when processing relocated directories

It was found that the parserockridgeinodeinternal function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link CL tags. An attacker with physical access to the system could use a specially crafted ISO image to crash the...

DEBIAN-CVE-2014-5472

The parserockridgeinodeinternal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service unkillable mount process via a crafted iso9660 image with a self-referential CL entry...

USN-1963-1: usb-creator vulnerability

It was discovered that usb-creator was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations...