CVE-2026-10047 Out-of-bounds write in Napoca real-mode hook handler via guest-controlled SS:SP (VA-13905)

The Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the real-mode hook handler, implemented in napoca/kernel/handler.c. The handler uses a guest-controlled SS:SP-derived offset as an index into the 1MB RealModeMemory buffer without bounds validation. With...

EUVD-2026-33944

The Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the real-mode hook handler, implemented in napoca/kernel/handler.c. The handler uses a guest-controlled SS:SP-derived offset as an index into the 1MB RealModeMemory buffer without bounds validation. With...

CVE-2026-10047

The CVE-2026-10047 entry describes an out-of-bounds write in Bitdefender Napoca bare-metal hypervisor’s real-mode hook handler (napoca/kernel/handler.c). The vulnerability arises from using a guest-controlled SS:SP-derived offset as an index into the 1MB RealModeMemory buffer without bounds check...

CVE-2026-10047 Out-of-bounds write in Napoca real-mode hook handler via guest-controlled SS:SP (VA-13905)

The Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the real-mode hook handler, implemented in napoca/kernel/handler.c. The handler uses a guest-controlled SS:SP-derived offset as an index into the 1MB RealModeMemory buffer without bounds validation. With...

EUVD-2026-33494

A vulnerability was identified in Aider-AI Aider 0.86.3. Affected is an unknown function of the file aider/args.py of the component Pre-commit Hook Handler. Such manipulation of the argument git-commit-verify leads to protection mechanism failure. The attack may be launched remotely. The exploit ...

Aider 安全漏洞

Aider is an open-source terminal AI pair programming tool developed by Aider AI. Version 0.86.3 of Aider contains a security vulnerability. This vulnerability stems from the git-commit-verify operation in the Pre-commit Hook Handler component, which causes the protection mechanism to fail. An...

Race condition

Race condition in Malware Defender 2.6.0 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler...

CVE-2010-5172

Race condition in Panda Internet Security 2010 15.01.00 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...

CVE-2010-5160

Race condition in ESET Smart Security 4.2.35.3 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...

CVE-2010-5150

Race condition in 3D EQSecure Professional Edition 4.2 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...

CVE-2010-5178

Race condition in ThreatFire 4.7.0.17 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler...

Buffer overflow

Multiple buffer overflows in CORE FORCE before 0.95.172 allow local users to cause a denial of service system crash and possibly execute arbitrary code in the kernel context via crafted arguments to 1 IOCTL functions in the Firewall module or 2 SSDT hook handler functions in the Registry module...

CVE-2008-0365

Multiple buffer overflows in CORE FORCE before 0.95.172 allow local users to cause a denial of service system crash and possibly execute arbitrary code in the kernel context via crafted arguments to 1 IOCTL functions in the Firewall module or 2 SSDT hook handler functions in the Registry module...

CVE-2008-0365

Multiple buffer overflows in CORE FORCE before 0.95.172 allow local users to cause a denial of service system crash and possibly execute arbitrary code in the kernel context via crafted arguments to 1 IOCTL functions in the Firewall module or 2 SSDT hook handler functions in the Registry module...

CVE-2008-0366

CVE-2008-0366 affects CORE FORCE prior to 0.95.172. The vulnerability lies in the Registry module SSDT hook handlers where input arguments are not properly validated, enabling a local unprivileged user to trigger a denial of service (system crash) and potentially execute arbitrary code in kernel ...