EUVD-2018-21953

Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Attackers can craft a malicious input file with a 672-byte offset to overwrite the nSEH and SEH pointers, enabling code execution through...

Fedora 44 : mingw-objfw (2026-59c21cd48b)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-59c21cd48b advisory. Update to 1.5.4. Fixes a buffer overflow caused by integer promotion rules in OFBMPImageFormatHandler and OFQOIImageFormatHandler. ---- Update to 1.5.3 Tenab...

PT-2026-45766

Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memory map handler, implemented in napoca/guests/bios handlers.c. The handler computes a destination offset into the guest RealModeMemory buffer from guest-controlled ES and EDI...

PT-2026-45821

A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.11.3. This affects the function resolveAuth of the file internal/http/auth.go of the component Webhook Verification Handler. The manipulation leads to missing authentication. Remote exploitation of the attack is possibl...

PT-2026-45857

Name of the Vulnerable Software and Affected Versions BrowserStack Runner versions 0.1.0 through 0.9.5 Description An issue in the '/ log' HTTP handler allows unauthenticated network-adjacent attackers to execute arbitrary code by submitting crafted JSON request bodies. The handler passes...

PT-2026-45869

Name of the Vulnerable Software and Affected Versions ahujasid blender-mcp versions prior to 5b37be25242e73dc4cf1328974d30458b9e5d67e Description Server-side request forgery can be executed remotely via the ZIP File Handler component. The issue exists in the requests.get function within the...

Fedora 43 : objfw (2026-dd875b58bb)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-dd875b58bb advisory. Update to 1.5.4. Fixes a buffer overflow caused by integer promotion rules in OFBMPImageFormatHandler and OFQOIImageFormatHandler. ---- Update to 1.5.3 Tenab...

PT-2026-45795

A vulnerability was determined in DedeCMS 5.7.88. The affected element is the function TrimMsg of the file /plus/feedback.php of the component Feedback Handler. Executing a manipulation of the argument msg can lead to sql injection. The attack can be launched remotely. The exploit has been public...

PT-2026-45745

Path traversal in restore handler in Collibra Agent, allows an attacker to write arbitrary files via a crafted ZIP archive. Collibra Agent fails to properly validate and canonicalize file path during ZIP extraction, this can allow an attacker to write files outside the intended extraction directo...

CVE-2018-25432

Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Attackers can craft a malicious input file with a 672-byte offset to overwrite the nSEH and SEH pointers, enabling code execution through...

CVE-2018-25427

Arm Whois 3.11 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by supplying oversized input to the IP address or domain field. Attackers can craft malicious input exceeding 658 bytes with shellcode to overwrite the structured exception...

CVE-2026-49139

Nanobot prior to version 0.2.1 contains a server-side request forgery vulnerability in the Microsoft Teams channel handler that allows remote attackers to exfiltrate Bot Framework bearer tokens by supplying a forged activity with an attacker-controlled serviceUrl value. Attackers can poison the...

CVE-2026-10284

A flaw has been found in DevaslanPHP project-management up to 2.0.0-beta1. Affected by this vulnerability is the function editComment/doDeleteComment of the file app/Filament/Resources/TicketResource/Pages/ViewTicket.php of the component Livewire Handler. Executing a manipulation can lead to...

CVE-2026-0085

In applySimpleFieldMaxSize of DataRowHandler.java, there is a possible way to insert a large contact name due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0085

In applySimpleFieldMaxSize of DataRowHandler.java, there is a possible way to insert a large contact name due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0085

CVE-2026-0085 relates to a vulnerability in the DataRowHandler.java function applySimpleFieldMaxSize , where improper input validation could allow inserting an unusually large contact name. The result is a local Denial of Service with no extra privileges and no user interaction required. Document...

CVE-2018-25432 Arm Whois 3.11 Buffer Overflow via ASLR Bypass

Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Attackers can craft a malicious input file with a 672-byte offset to overwrite the nSEH and SEH pointers, enabling code execution through...

CVE-2018-25432

Arm Whois 3.11 is affected by a local buffer overflow that allows code execution via exception handler hijacking. An input file crafted with a 672-byte offset can overwrite nSEH and SEH pointers, enabling arbitrary code execution when the structured exception handler is triggered. CVSS data prese...

CVE-2018-25432 Arm Whois 3.11 Buffer Overflow via ASLR Bypass

Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Attackers can craft a malicious input file with a 672-byte offset to overwrite the nSEH and SEH pointers, enabling code execution through...

CVE-2018-25427 Arm Whois 3.11 Buffer Overflow via SEH Overwrite

Arm Whois 3.11 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by supplying oversized input to the IP address or domain field. Attackers can craft malicious input exceeding 658 bytes with shellcode to overwrite the structured exception...