5032 matches found
CVE-2026-32680
The issue concerns RATOC RAID Monitoring Manager for Windows. If users customize the installer’s target folder, that folder may retain insecure ACLs, allowing non-administrative users to alter its contents. This can enable a non-administrative user to execute arbitrary code with SYSTEM privileges...
CVE-2026-32680
The installer of RATOC RAID Monitoring Manager for Windows allows to customize the installation folder. If the installation folder is customized to some non-default one, the folder may be left with un-secure ACLs and non-administrative users can alter contents of that folder. It may allow a...
CVE-2026-32680
The installer of RATOC RAID Monitoring Manager for Windows allows to customize the installation folder. If the installation folder is customized to some non-default one, the folder may be left with un-secure ACLs and non-administrative users can alter contents of that folder. It may allow a...
PT-2026-28380
Name of the Vulnerable Software and Affected Versions Tandoor Recipes versions prior to 2.6.0 Description Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, the SyncViewSet.query synced folder action in...
RATOC RAID Monitoring Manager for Windows 安全漏洞
RATOC RAID Monitoring Manager for Windows is a software developed by RATOC RAID in Japan, designed for monitoring and managing the RAID hard drive boxes it supports. RATOC RAID Monitoring Manager for Windows has a security vulnerability; this vulnerability stems from the installation program’s...
FileRise 安全漏洞
FileRise is a lightweight, self-hosted web-based file manager developed by Ryan. Versions of FileRise 3.10.0 and earlier have security vulnerabilities, which stem from server-side authorization flaws. These vulnerabilities could allow users to read file segments from other users within the same...
SUSE CVE-2026-30914
SFTPGo is an open source, event-driven file transfer solution. In SFTPGo versions prior to 2.7.1, a path normalization discrepancy between the protocol handlers and the internal Virtual Filesystem routing can lead to an authorization bypass. An authenticated attacker can craft specific file paths...
PT-2026-27472
Name of the Vulnerable Software and Affected Versions IDrive versions affected versions not specified Description The id service.exe process operates with elevated privileges and routinely reads files located in the C:ProgramDataIDrive directory. These files, encoded in UTF16-LE, are used as...
EUVD-2019-19965
Admin Express 1.2.5.485 contains a local structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an alphanumeric encoded payload in the Folder Path field. Attackers can trigger the vulnerability through the System Compare...
EUVD-2019-19977
AdminExpress 1.2.5 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input through the System Compare feature. Attackers can paste a large buffer of characters into the Folder Path field and trigger the comparison function to...
CVE-2019-25618
AdminExpress 1.2.5 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input through the System Compare feature. Attackers can paste a large buffer of characters into the Folder Path field and trigger the comparison function to...
CVE-2019-25612
Admin Express 1.2.5.485 contains a local structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an alphanumeric encoded payload in the Folder Path field. Attackers can trigger the vulnerability through the System Compare...
CVE-2019-25618 AdminExpress 1.2.5 Denial of Service via System Compare
AdminExpress 1.2.5 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input through the System Compare feature. Attackers can paste a large buffer of characters into the Folder Path field and trigger the comparison function to...
CVE-2019-25618 AdminExpress 1.2.5 Denial of Service via System Compare
AdminExpress 1.2.5 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input through the System Compare feature. Attackers can paste a large buffer of characters into the Folder Path field and trigger the comparison function to...
CVE-2019-25618
AdminExpress 1.2.5 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input through the System Compare feature. Attackers can paste a large buffer of characters into the Folder Path field and trigger the comparison function to...
CVE-2019-25618
AdminExpress 1.2.5 is affected by a local-denial-of-service in the System Compare feature. An attacker can submit oversized input in the Folder Path field, sending a large buffer of characters to trigger the comparison function and cause the application to become unresponsive or crash. This is a ...
CVE-2019-25612 Admin Express 1.2.5.485 Local SEH Buffer Overflow via Folder Path
Admin Express 1.2.5.485 contains a local structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an alphanumeric encoded payload in the Folder Path field. Attackers can trigger the vulnerability through the System Compare...
CVE-2019-25612 Admin Express 1.2.5.485 Local SEH Buffer Overflow via Folder Path
Admin Express 1.2.5.485 contains a local structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an alphanumeric encoded payload in the Folder Path field. Attackers can trigger the vulnerability through the System Compare...
CVE-2019-25612
CVE-2019-25612 affects Admin Express 1.2.5.485. It describes a local SEH buffer overflow in the Folder Path field triggered via the System Compare feature, where a crafted payload can execute shellcode with application privileges. Public references include Exploit-DB, confirming exploit availabil...
CVE-2019-25612
Admin Express 1.2.5.485 contains a local structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an alphanumeric encoded payload in the Folder Path field. Attackers can trigger the vulnerability through the System Compare...