74 matches found
CVE-2025-69689
The Fan Control application V251 contains an improper privilege handling vulnerability in its Open File Dialog. The dialog processes user-supplied paths with elevated permissions, which can be exploited by a local attacker to perform actions with administrator-level privileges...
Astra Linux - уязвимость в thunderbird, firefox
A website could have obscured the full-screen notification by using the file open dialog. This could have caused confusion among users and potentially led to spoofing attacks. This vulnerability affects Firefox 116, Firefox ESR 115.2, and Thunderbird 115.2...
CVE-2025-69689
The Fan Control application V251 contains an improper privilege handling vulnerability in its Open File Dialog. The dialog processes user-supplied paths with elevated permissions, which can be exploited by a local attacker to perform actions with administrator-level privileges...
CVE-2025-69689
The Fan Control application V251 contains an improper privilege handling vulnerability in its Open File Dialog. The dialog processes user-supplied paths with elevated permissions, which can be exploited by a local attacker to perform actions with administrator-level privileges...
CVE-2025-69689
The Fan Control application V251 contains an improper privilege handling vulnerability in its Open File Dialog. The dialog processes user-supplied paths with elevated permissions, which can be exploited by a local attacker to perform actions with administrator-level privileges...
EUVD-2025-209578
The Fan Control application V251 contains an improper privilege handling vulnerability in its Open File Dialog. The dialog processes user-supplied paths with elevated permissions, which can be exploited by a local attacker to perform actions with administrator-level privileges...
PT-2026-35491
The Fan Control application V251 contains an improper privilege handling vulnerability in its Open File Dialog. The dialog processes user-supplied paths with elevated permissions, which can be exploited by a local attacker to perform actions with administrator-level privileges...
Fan Control 安全漏洞
Fan Control is a cooling fan control software developed by Rémi Mercier. The Fan Control V251 version contains a security vulnerability, which stems from improper handling of Open File Dialog permissions. This vulnerability could allow local attackers to execute operations with administrator...
CVE-2025-69689
The CVE-2025-69689 entry concerns the Fan Control application (v251) with an improper privilege handling vulnerability in its Open File Dialog. The dialog processes user-supplied paths with elevated permissions, enabling a local attacker to perform actions with administrator-level privileges. CVS...
CVE-2025-69689
The Fan Control application V251 contains an improper privilege handling vulnerability in its Open File Dialog. The dialog processes user-supplied paths with elevated permissions, which can be exploited by a local attacker to perform actions with administrator-level privileges...
CVE-2026-34772
CVE-2026-34772 – Electron Use-After-Free in download save dialog callback . The issue affects Electron applications that allow downloads and programmatically destroy sessions. If the session is torn down while a native save-file dialog for a download is open, dismissing the dialog may dereference...
CVE-2026-34772 Electron: Use-after-free in download save dialog callback
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8, apps that allow downloads and programmatically destroy sessions may be vulnerable to a use-after-free. If a session is torn down whi...
CVE-2026-34772
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8, apps that allow downloads and programmatically destroy sessions may be vulnerable to a use-after-free. If a session is torn down whi...
EUVD-2026-14346
GV Edge Recording Manager ERM v2.3.1 improperly runs application components with SYSTEM-level privileges, allowing any local user to gain full control of the operating system. During installation, ERM creates a Windows service that runs under the LocalSystem account. When the ERM application is...
CVE-2026-4606
GV Edge Recording Manager ERM v2.3.1 improperly runs application components with SYSTEM-level privileges, allowing any local user to gain full control of the operating system. During installation, ERM creates a Windows service that runs under the LocalSystem account. When the ERM application is...
CVE-2020-37140 Everest 5.50.2100 - 'Open File' Denial of Service
Everest, later referred to as AIDA64, 5.50.2100 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating file open functionality. Attackers can generate a 450-byte buffer of repeated characters and paste it into the file open dialog to trigge...
CVE-2020-37140 Everest 5.50.2100 - 'Open File' Denial of Service
Everest, later referred to as AIDA64, 5.50.2100 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating file open functionality. Attackers can generate a 450-byte buffer of repeated characters and paste it into the file open dialog to trigge...
EUVD-2005-0244
Malware in sbrugna...
EUVD-2022-7410
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-4776
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A file dialog shown while in full-screen mode could have resulted in the window remaining disabled. This vulnerability affects Firefox 126. CVE-2024-4776 Note...