25 matches found
CVE-2020-37193
CVE-2020-37193 concerns ZIP Password Recovery 2.30, which contains a denial-of-service vulnerability that can crash the application when a specially prepared text file (with specific characters) is used while selecting a ZIP file. The initial document provides CVSS data (4.0/4.6 in CVSS 4.0 with ...
CVE-2020-36967
Zortam Mp3 Media Studio 27.60 contains a buffer overflow vulnerability in the library creation file selection process that allows remote code execution. Attackers can craft a malicious text file with shellcode to trigger a structured exception handler SEH overwrite and execute arbitrary commands ...
CVE-2020-36967
Zortam Mp3 Media Studio 27.60 contains a buffer overflow vulnerability in the library creation file selection process that allows remote code execution. Attackers can craft a malicious text file with shellcode to trigger a structured exception handler SEH overwrite and execute arbitrary commands ...
CVE-2020-36967
Zortam Mp3 Media Studio 27.60 contains a buffer overflow vulnerability in the library creation file selection process that allows remote code execution. Attackers can craft a malicious text file with shellcode to trigger a structured exception handler SEH overwrite and execute arbitrary commands ...
CVE-2020-36967 Zortam Mp3 Media Studio 27.60 - Remote Code Execution (SEH)
Zortam Mp3 Media Studio 27.60 contains a buffer overflow vulnerability in the library creation file selection process that allows remote code execution. Attackers can craft a malicious text file with shellcode to trigger a structured exception handler SEH overwrite and execute arbitrary commands ...
CVE-2020-36967
CVE-2020-36967 affects Zortam Mp3 Media Studio 27.60. The vulnerability is a buffer overflow in the library creation file selection process that can trigger a structured exception handler (SEH) overwrite, enabling remote code execution when a crafted malicious text file is opened or processed. Th...
EUVD-2020-30883
Zortam Mp3 Media Studio 27.60 contains a buffer overflow vulnerability in the library creation file selection process that allows remote code execution. Attackers can craft a malicious text file with shellcode to trigger a structured exception handler SEH overwrite and execute arbitrary commands ...
PT-2026-5158
Zortam Mp3 Media Studio 27.60 contains a buffer overflow vulnerability in the library creation file selection process that allows remote code execution. Attackers can craft a malicious text file with shellcode to trigger a structured exception handler SEH overwrite and execute arbitrary commands ...
EUVD-2020-30556
Malware in sbrugna...
CVE-2025-2819 Unrestricted Fileupload
There is a risk of unauthorized file uploads in GT-SoftControl and potential file overwrites due to insufficient validation in the file selection process. This could lead to data integrity issues and unauthorized access by an authenticated privileged user...
CVE-2025-23086
CVE-2025-23086 affects Brave Browser (versions 1.70.x–1.73.x) and concerns the feature that shows a site’s origin in the OS file selector dialog when a user is prompted to upload or download a file. The issue arises because the origin could be inferred incorrectly in certain cases, and when combi...
Brave Browser 输入验证错误漏洞
Brave Browser is a fast, private and secure web browser for PC, Mac and mobile devices from Brave, Inc. An input validation error vulnerability exists in Brave Browser versions 1.70.x through 1.73.x. The vulnerability stems from the source of a site not being correctly identified in the file...
VulnCheck KEV: CVE-2019-6111
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned only directory traversal attacks are...
Triologic Media Player 8 Buffer Overflow
Exploit Title: Triologic Media Player 8 - '.m3l' Local Buffer Overflow Unicode SEH Date: 04/04/2020 Author: Felipe Winsnes Software Link: http://download.cnet.com/Triologic-Media-Player/3000-21394-10691520.html Version: 8 Tested on: Windows 7 x86 Proof of Concept: 1.- Run the python script, it wi...
CVE-2020-9777
CVE-2020-9777 affects Apple’s Mail Attachments component in iOS/iPadOS. The issue is described as a problem in the selection of video files by Mail, which could cause cropped videos to be shared improperly. The vulnerability is addressed by Apple in iOS 13.4 and iPadOS 13.4, where the fix involve...
NetKit Input Validation Vulnerability
NetKit is a network environment simulation system. A security vulnerability exists in NetKit 0.17 and earlier versions, which stems from the fact that the server selects the file/directory to be sent to the client, but the rcp client only loosely validates the name of the returned object. An...
Design/Logic Flaw
The vulnerability exists within processing of sendmail.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The applet allows callers to select arbitrary files to send to an arbitrary email address...
CVE-2018-7770
The vulnerability exists within processing of sendmail.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The applet allows callers to select arbitrary files to send to an arbitrary email address...
CVE-2018-7770
CVE-2018-7770 affects Schneider Electric U.motion Builder; the vulnerability exists in processing of sendmail.php, allowing an attacker to select arbitrary files to send to any email address. Affected are U.motion Builder versions prior to v1.3.4. Impact is information disclosure via path travers...
SWFupload 2.5.0 - Cross Frame Scripting (XFS) Vulnerability
Document Title: =============== SWFupload 2.5.0 - Cross Frame Scripting XFS Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1422 Release Date: ============= 2015-01-25 Vulnerability Laboratory ID VL-ID: ====================================...