ArmCode Arm Whois 安全漏洞

ArmCode Arm Whois is a web information query tool developed by ArmCode Corporation. Version 3.11 of ArmCode Arm Whois contains a security vulnerability. This vulnerability stems from a buffer overflow, which may allow local attackers to execute arbitrary code by overriding structured exception...

CVE-2019-25661 Remote Process Explorer 1.0.0.16 Local Buffer Overflow DoS

Remote Process Explorer 1.0.0.16 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by sending a crafted payload to the Add Computer dialog. Attackers can paste a malicious string into the computer name textbox and trigger a crash by connecting to th...

cpp-httplib 信息泄露漏洞

cpp-httplib is a C++ library developed by Yhirose, which includes servers and clients for HTTP/HTTPS communication. Versions of cpp-httplib prior to 0.35.0 contained an information leakage vulnerability. This vulnerability occurred when custom exception handlers were not registered properly,...

ChaosPro 安全漏洞

ChaosPro is an open-source fractal geometry generation software developed by ChaosPro. Version 2.0 of ChaosPro contains a security vulnerability, which stems from buffer overflows in the handling of configuration file paths. This vulnerability could potentially allow arbitrary code to execute by...

CVE-2021-47785

Ether MP3 CD Burner 1.3.8 contains a buffer overflow vulnerability in the registration name field that allows remote code execution. Attackers can craft a malicious payload to overwrite SEH handlers and execute a bind shell on port 3110 by exploiting improper input validation...

PT-2026-3157

Name of the Vulnerable Software and Affected Versions Ether MP3 CD Burner version 1.3.8 Description The software contains a buffer overflow issue in the registration name field. This allows for remote code execution. An attacker can create a malicious payload to overwrite SEH handlers and execute...

UBUNTU-CVE-2025-40124

In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copyfromtouser for UltraSPARC III Anthony Yznaga tracked down that a BUGON in ext4 code with large folios enabled resulted from copyfromuser returning impossibly large values greater tha...

CVE-2010-20119

CommuniCrypt Mail versions up to and including 1.16 contains a stack-based buffer overflow vulnerability in its ANSMTP.dll and AOSMTP.dll ActiveX controls, specifically within the AddAttachments method. This method fails to properly validate the length of input strings, allowing data to exceed th...

PT-2025-34288 · Undefined · Undefined

CommuniCrypt Mail versions up to and including 1.16 contains a stack-based buffer overflow vulnerability in its ANSMTP.dll and AOSMTP.dll ActiveX controls, specifically within the AddAttachments method. This method fails to properly validate the length of input strings, allowing data to exceed th...

By-passing Protection of PharStreamWrapper Interceptor

Insecure deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application. In July 2018, the vulnerability of insecure deserialization when executing Phar archives was addressed by removing the known attack vector in the TYPO3 core. For more details...

SUSE CVE-2009-3799

Integer overflow in the Verifier::parseExceptionHandlers function in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via an SWF file with a large exceptioncount value that triggers memory corruption, related to "generation of...

Chinese APT Earth Preta runs spearphishing campaigns

Threat Level Actors Report For a detailed threat advisory, download the pdf file here Summary Earth Preta, an APT gang, staged a large-scale cyber espionage campaign in which the malware was transmitted via spear-phishing emails. The actors use various strategies to avoid detection and analysis,...

Insertion of Sensitive Information into Log File in typo3/cms-core

Meta CVSS: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C 4.9 Problem It has been discovered that system internal credentials or keys e.g. database credentials have been logged as plaintext in exception handlers, when logging the complete exception stack trace. Solution Update to TYPO...

GHSA-FH99-4PGR-8J99 Insertion of Sensitive Information into Log File in typo3/cms-core

Meta CVSS: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C 4.9 Problem It has been discovered that system internal credentials or keys e.g. database credentials have been logged as plaintext in exception handlers, when logging the complete exception stack trace. Solution Update to TYPO...

CVE-2022-31047 Insertion of Sensitive Information into Log File in typo3/cms-core

TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, system internal credentials or keys e.g. database credentials can be logged as plaintext in exception handlers, when logging the complete exception stack trace...

GSD-2022-1002477 MIPS: fix fortify panic when copying asm exception handlers

MIPS: fix fortify panic when copying asm exception handlers This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.311 by commit...

GSD-2022-1001999 MIPS: fix fortify panic when copying asm exception handlers

MIPS: fix fortify panic when copying asm exception handlers This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.111 by commit...

GSD-2022-1001716 MIPS: fix fortify panic when copying asm exception handlers

MIPS: fix fortify panic when copying asm exception handlers This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.34 by commit...

GSD-2022-1001390 MIPS: fix fortify panic when copying asm exception handlers

MIPS: fix fortify panic when copying asm exception handlers This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.20 by commit...

GSD-2022-1001048 MIPS: fix fortify panic when copying asm exception handlers

MIPS: fix fortify panic when copying asm exception handlers This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.3 by commit...