CVE-2018-25286

Easy PhotoResQ 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Folder/filename field. Attackers can input a 6000-byte payload through the File Options dialog to trigger a denial of service condition...

CVE-2018-25286

The CVE-2018-25286 entry affects Easy PhotoResQ 1.0 and describes a buffer overflow in the Folder/filename field. According to the connected documentation, an attacker can supply a 6000-byte payload via the File Options dialog to cause a denial-of-service crash locally. The impact is a crash/DoS ...

CVE-2018-25284 HD Tune Pro 5.70 Denial of Service via Options Dialog

HD Tune Pro 5.70 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the folder/file name field. Attackers can trigger a denial of service by entering a 6000-byte payload through the File Options Save dialog's...

EUVD-2018-21804

HD Tune Pro 5.70 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the folder/file name field. Attackers can trigger a denial of service by entering a 6000-byte payload through the File Options Save dialog's...

CVE-2018-25277 PixGPS 1.1.8 Buffer Overflow Denial of Service

PixGPS 1.1.8 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized string to the folder path input field. Attackers can craft a payload exceeding 6000 bytes and paste it into the 'Folder with picture files' field to trigger a denia...

CVE-2018-25277

PixGPS 1.1.8 contains a buffer overflow vulnerability in the folder path input field that can crash the application via an oversized payload. Attackers can craft a string exceeding 6000 bytes and paste it into the 'Folder with picture files' field to trigger a denial of service. The CVSS data ind...

EUVD-2018-21797

PixGPS 1.1.8 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized string to the folder path input field. Attackers can craft a payload exceeding 6000 bytes and paste it into the 'Folder with picture files' field to trigger a denia...

CVE-2018-25277 PixGPS 1.1.8 Buffer Overflow Denial of Service

PixGPS 1.1.8 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized string to the folder path input field. Attackers can craft a payload exceeding 6000 bytes and paste it into the 'Folder with picture files' field to trigger a denia...

CVE-2018-25277

PixGPS 1.1.8 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized string to the folder path input field. Attackers can craft a payload exceeding 6000 bytes and paste it into the 'Folder with picture files' field to trigger a denia...

PixGPS 安全漏洞

PixGPS is an image geolocation marking tool developed by PixGPS Inc. Based on positioning technology. Version 1.1.8 of PixGPS contains a security vulnerability. This vulnerability arises from a buffer overflow when submitting excessively long strings in the folder path input field. This could all...

HD Tune Easy PhotoResQ 安全漏洞

HD Tune Easy PhotoResQ is a image recovery tool developed by HD Tune Corporation, designed for restoring photos that have been accidentally deleted or damaged. Version 1.0 of HD Tune Easy PhotoResQ contains a security vulnerability. This vulnerability stems from the use of an excessively long...

PT-2026-35256

Easy PhotoResQ 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Folder/filename field. Attackers can input a 6000-byte payload through the File Options dialog to trigger a denial of service condition...

PT-2026-35247

PixGPS 1.1.8 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized string to the folder path input field. Attackers can craft a payload exceeding 6000 bytes and paste it into the 'Folder with picture files' field to trigger a denia...

PT-2026-35254

HD Tune Pro 5.70 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the folder/file name field. Attackers can trigger a denial of service by entering a 6000-byte payload through the File Options Save dialog's...

GHSA-WPQR-6V78-JR5G Gemini CLI: Remote Code Execution via workspace trust and tool allowlisting bypasses

Summary Gemini CLI @google/gemini-cli and the run-gemini-cli GitHub Action are being updated to harden workspace trust and tool allowlisting, in particular when used in untrusted environments like GitHub Actions. This update introduces a breaking change to how non-interactive headless environment...

PT-2026-34838

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.25.0 Description An off-by-one error exists in the path traversal filter within channels/drive/client/drive file.c. The contains dotdot function fails to detect .. when it is the final component of a path without a...

CVE-2025-10549 DLL Hijacking in EfficientLab Controlio Leads to Local Privilege Escalation

EfficientLab Controlio before v1.3.95 contains a DLL hijacking vulnerability caused by weak folder permissions in the installation directory. A local attacker can place a specially crafted DLL in this directory and achieve arbitrary code execution with highest privileges, because the affected...

EUVD-2026-25138

The installers of LiveOn Meet Client for Windows Downloader5Installer.exe and Downloader5InstallerForAdmin.exe and the installers of Canon Network Camera Plugin CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe insecurely load Dynamic Link Libraries DLLs. If a malicious DLL is placed at the...

CVE-2026-32679

The installers of LiveOn Meet Client for Windows Downloader5Installer.exe and Downloader5InstallerForAdmin.exe and the installers of Canon Network Camera Plugin CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe insecurely load Dynamic Link Libraries DLLs. If a malicious DLL is placed at the...

PT-2026-34644

EfficientLab Controlio before v1.3.95 contains a DLL hijacking vulnerability caused by weak folder permissions in the installation directory. A local attacker can place a specially crafted DLL in this directory and achieve arbitrary code execution with highest privileges, because the affected...