16 matches found
CVE-2026-41392 OpenClaw < 2026.3.31 - Exec Allowlist Bypass via Shell Init-File Options
OpenClaw before 2026.3.31 contains an exec allowlist bypass vulnerability allowing attackers to inherit allowlist trust via shell init-file wrapper invocations. Attackers can exploit shell options like --rcfile, --init-file, and --startup-file to load attacker-chosen initialization files while...
CVE-2018-25286
Easy PhotoResQ 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Folder/filename field. Attackers can input a 6000-byte payload through the File Options dialog to trigger a denial of service condition...
CVE-2018-25286
The CVE-2018-25286 entry affects Easy PhotoResQ 1.0 and describes a buffer overflow in the Folder/filename field. According to the connected documentation, an attacker can supply a 6000-byte payload via the File Options dialog to cause a denial-of-service crash locally. The impact is a crash/DoS ...
CVE-2018-25286 Easy PhotoResQ 1.0 Buffer Overflow Denial of Service
Easy PhotoResQ 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Folder/filename field. Attackers can input a 6000-byte payload through the File Options dialog to trigger a denial of service condition...
CVE-2018-25286 Easy PhotoResQ 1.0 Buffer Overflow Denial of Service
Easy PhotoResQ 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Folder/filename field. Attackers can input a 6000-byte payload through the File Options dialog to trigger a denial of service condition...
CVE-2018-25286
Easy PhotoResQ 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Folder/filename field. Attackers can input a 6000-byte payload through the File Options dialog to trigger a denial of service condition...
EUVD-2018-21806
Easy PhotoResQ 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Folder/filename field. Attackers can input a 6000-byte payload through the File Options dialog to trigger a denial of service condition...
PT-2026-35256
Easy PhotoResQ 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Folder/filename field. Attackers can input a 6000-byte payload through the File Options dialog to trigger a denial of service condition...
Incomplete List of Disallowed Inputs
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs via the exec allowlist component. An attacker can execute unauthorized scripts by leveraging shell init-file options such as --rcfile, --init-file, or...
EUVD-2004-1136
Malware in sbrugna...
Recommended update for grub2
This update for grub2 fixes the following issues: CVE-2024-56738: Fixed side-channel attack due to not constant-time algorithm in grubcryptomemcmp bsc1234959 Other fixes: - Fix test -f and -s do not work properly over the network files served via tftp and http bsc1246157, bsc1246237 - Skip mount...
Remote Code Execution (RCE)
cart2quote/module-quotation-encoded is vulnerable to Remote Code Execution RCE. The vulnerability is due to the use of the unserialize function when processing data from a GET request, which can be exploited by attackers to execute arbitrary code remotely, particularly when custom file options ar...
GHSA-PGJ4-G5J4-CMFX cart2quote/module-quotation-encoded Remote Code Execution via downloadCustomOptionAction
cart2quote/module-quotation-encoded extension may expose a critical security vulnerability by utilizing the unserialize function when processing data from a GET request. This flaw, present in the app/code/community/Ophirah/Qquoteadv/controllers/DownloadController.php and...
cart2quote/module-quotation-encoded Remote Code Execution via downloadCustomOptionAction
cart2quote/module-quotation-encoded extension may expose a critical security vulnerability by utilizing the unserialize function when processing data from a GET request. This flaw, present in the app/code/community/Ophirah/Qquoteadv/controllers/DownloadController.php and...
GPS-SDR-SIM - Software-Defined GPS Signal Simulator
GPS-SDR-SIM generates GPS baseband signal data streams, which can be converted to RF using software-defined radio SDR platforms, such as bladeRF, HackRF, and USRP. Windows build instructions 1. Start Visual Studio. 2. Create an empty project for a console application. 3. On the Solution Explorer ...
CVE-2017-6417
Code injection vulnerability in Avira Total Security Suite 15.0 and earlier, Optimization Suite 15.0 and earlier, Internet Security Suite 15.0 and earlier, and Free Security Suite 15.0 and earlier allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full...