CVE-2019-25318

The CVE describes a stack overflow in AVS Audio Converter 9.1.2.600 triggered by manipulating the output folder text input. A crafted payload can overwrite stack memory and execute arbitrary code, resulting in a bind shell on port 9999 when the Browse button is clicked. No remediation details are...

CVE-2019-25318 AVS Audio Converter 9.1.2.600 - Stack Overflow

AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by manipulating the output folder text input. Attackers can craft a malicious payload that overwrites stack memory and triggers a bind shell on port 9999 when the 'Browse' button ...

PT-2026-7930

AVS Audio Converter 9.1 contains a local buffer overflow vulnerability that allows local attackers to overwrite CPU registers by manipulating the 'Exit folder' input field. Attackers can craft a specially designed text file with 264 bytes of padding followed by register overwrite values to...

AVS4YOU AVS Audio Converter 安全漏洞

AVS4YOU AVS Audio Converter is a software application developed by AVS4YOU Corporation. It is used to convert audio files from one format to another according to your preferences, and to save them on a hard drive. Version 9.1 of AVS4YOU AVS Audio Converter contains a security vulnerability caused...

PT-2026-7918

AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by manipulating the output folder text input. Attackers can craft a malicious payload that overwrites stack memory and triggers a bind shell on port 9999 when the 'Browse' button ...

AVS4YOU AVS Audio Converter 安全漏洞

AVS4YOU AVS Audio Converter is a software application developed by AVS4YOU Corporation. It is used to convert audio files from one format to another at your discretion, and to save them onto a hard drive. Version 9.1.2.600 of AVS4YOU AVS Audio Converter has a security vulnerability; this...

CVE-2026-25880

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary explorer.exe located in the same directory as the opened PDF when the user clicks File → “Show in folder”. This behavior leads to arbitrary code execution on the victim’s...

CVE-2026-25880

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary explorer.exe located in the same directory as the opened PDF when the user clicks File → “Show in folder”. This behavior leads to arbitrary code execution on the victim’s...

CVE-2026-25880

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary explorer.exe located in the same directory as the opened PDF when the user clicks File → “Show in folder”. This behavior leads to arbitrary code execution on the victim’s...

CVE-2026-25880 Untrusted Search Path in SumatraPDF Reader (explorer.exe on Windows)

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary explorer.exe located in the same directory as the opened PDF when the user clicks File → “Show in folder”. This behavior leads to arbitrary code execution on the victim’s...

CVE-2026-25880 Untrusted Search Path in SumatraPDF Reader (explorer.exe on Windows)

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary explorer.exe located in the same directory as the opened PDF when the user clicks File → “Show in folder”. This behavior leads to arbitrary code execution on the victim’s...

CVE-2026-25880

SumatraPDF (Windows)

CVE-2026-25880 Untrusted Search Path in SumatraPDF Reader (explorer.exe on Windows)

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary explorer.exe located in the same directory as the opened PDF when the user clicks File → “Show in folder”. This behavior leads to arbitrary code execution on the victim’s...

PT-2026-7164

Name of the Vulnerable Software and Affected Versions SumatraPDF versions prior to 3.5.3 Description SumatraPDF, a multi-format reader for Windows, allows execution of a malicious binary, specifically explorer.exe, located in the same directory as an opened PDF file. This occurs when a user click...

Linux Distros Unpatched Vulnerability : CVE-2026-25635

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a path traversal vulnerability that allows arbitrary file writes anywhere the user h...

CVE-2020-37160

SprintWork 2.3.1 is affected by local privilege escalation due to insecure file, service, and folder permissions on Windows. Affected component: SprintWork executable/related services that allow creation of a new administrative user, leading to full system compromise. Root cause identified as ins...

CVE-2026-25635

calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a path traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows haven't tested on other OS's, this can lead to Remote Code Execution by writing a payload to the Startup...

CVE-2026-25635

calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a path traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows haven't tested on other OS's, this can lead to Remote Code Execution by writing a payload to the Startup...

UBUNTU-CVE-2026-25635

calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a path traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows haven't tested on other OS's, this can lead to Remote Code Execution by writing a payload to the Startup...

CVE-2026-25635 calibre has a Path Traversal Leading to Arbitrary File Write and Potential Code Execution

calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a path traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows haven't tested on other OS's, this can lead to Remote Code Execution by writing a payload to the Startup...