CVE-2021-0438

In several functions of InputDispatcher.cpp, WindowManagerService.java, and related files, there is a possible tapjacking attack due to an incorrect FLAGOBSCURED value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

PT-2025-17670

Name of the Vulnerable Software and Affected Versions: fig2dev version 3.2.9a Description: The issue allows an attacker possible code execution via local input manipulation through the read objects function. Recommendations: For fig2dev version 3.2.9a, consider restricting access to the read...

CVE-2022-49330

In the Linux kernel, the following vulnerability has been resolved: tcp: fix tcpmtupprobesuccess vs wrong sndcwnd syzbot got a new report 1 finally pointing to a very old bug, added in initial support for MTU probing. tcpmtuprobe has checks about starting an MTU probe if tcpsndcwndtp = 11. But...

Insecure Permissions

com.xuxueli, xxl-job-core is vulnerable to Insecure Permissions. The vulnerability is due to improper access control and validation in the Sub-Task ID component. This allowing attackers to manipulate it to execute arbitrary code by crafting malicious input...

SUSE CVE-2006-4484

Buffer overflow in the LWZReadByte function in ext/gd/libgd/gdgifin.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with inputcodesize greater than MAXLWZBITS, which triggers an overflow when initializing the table array...

CVE-2020-35564

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an outdated and unused component allowing for malicious user input of active code...

CVE-2020-7674

access-policy through 3.1.0 is vulnerable to Arbitrary Code Execution. User input provided to the template function is executed by the eval function resulting in code execution...

Denial of service vulnerability in the mp110005.sys driver of Micropoint Smart Defense Software Personal Free Edition (CNVD-2018-20117)

Micropoint Intelligent Defense Software Personal Free Edition is a set of third-generation anti-virus software of Micropoint Baihui Beijing Information Security Technology Co., Ltd. and adopts AI Intelligent Defense Technology to independently analyze and judge viruses. A denial of service...

2345 Security Guard Denial of Service Vulnerability (CNVD-2018-09657)

2345 Security Guard is a set of computer security protection software from China's 2345 Corporation. A security vulnerability exists in the 2345BdPcSafe.sys X64 application file in 2345 Security Guard version 3.7, which originates from the program failing to validate the input value of IOCTL...

CVE-2018-9050

In Windows Master aka Windows Optimization Master 7.99.13.604, the driver file WoptiHWDetect.SYS allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCtl 0xf100202d...

CVE-2018-9048

In Windows Master aka Windows Optimization Master 7.99.13.604, the driver file WoptiHWDetect.SYS allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCtl 0xf100282c...

CVE-2018-9043

In Advanced SystemCare Ultimate 11.0.1.58, the driver file Monitorwin10x64.sys allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060d0...

Windows Master Denial of Service Vulnerability (CNVD-2018-07014)

Windows Master aka Windows Optimization Master is a set of Windows optimization tools. The tool features system detection, system optimization, system cleanup and system maintenance. A security vulnerability exists in the WoptiHWDetect.SYS driver file in Windows Master version 7.99.13.604, which...

CVE-2018-8991

In Windows Master aka Windows Optimization Master 7.99.13.604, the driver file WoptiHWDetect.SYS allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002009...

CVE-2018-8894

In 2345 Security Guard 3.6, the driver file 2345BdPcSafe.sys allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222108...

WatchDog Anti-Malware Denial of Service Vulnerability

WatchDog Anti-Malware is a cloud-based, multi-engine malware scanner from WatchDogDevelopment, USA. A security vulnerability exists in the ZAMGUARD32.SYS driver file in WatchDog Anti-Malware version 2.74.186.150, which originates when the program fails to properly validate the input value of IOCt...

CVE-2018-5278

In Malwarebytes Premium 3.3.1.2183, the driver file FARFLT.SYS allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e00c. NOTE: the vendor reported that they "have not been able to reproduce the issu...

K7 AntiVirus Denial of Service Vulnerability (CNVD-2018-01134)

K7 AntiVirus is home user friendly virus removal software that protects computers from viruses, Trojans, malware and spyware threats. A denial of service vulnerability exists in the driver file K7Sentry.sys in K7 AntiVirus 15.1.0306. The vulnerability arises due to an unverified input value from...

gd: GIF handling buffer overflow

Buffer overflow in the LWZReadByte function in ext/gd/libgd/gdgifin.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with inputcodesize greater than MAXLWZBITS, which triggers an overflow when initializing the table array...

gd: GIF handling buffer overflow

Buffer overflow in the LWZReadByte function in ext/gd/libgd/gdgifin.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with inputcodesize greater than MAXLWZBITS, which triggers an overflow when initializing the table array...