CVE-2026-8359 Gladinet Triofox WOSHttpStatusModule.dll NULL Function Pointer Call DoS

When processing a request with a URL path starting with /status or /sysinfo, WOSHttpStatusModule.dll is to be loaded to handle such URL patterns. The WOSBinLoadHttpModule function in the dll would be called to set up a "module" object for that module. However, WOSHttpStatusModule.dll is not prese...

CVE-2025-10906

CVE-2025-10906 affects Magnetism Studios Endurance on macOS (versions up to 3.3.0). The vulnerability lies in the NSXPC Interface, specifically loadModuleNamed:WithReply in /Applications/Endurance.app/Contents/Library/LaunchServices/com.MagnetismStudios.endurance.helper, enabling local manipulati...

CVE-2025-10906 Magnetism Studios Endurance NSXPC com.MagnetismStudios.endurance.helper loadModuleNamed:WithReply missing authentication

A flaw has been found in Magnetism Studios Endurance up to 3.3.0 on macOS. This affects the function loadModuleNamed:WithReply of the file /Applications/Endurance.app/Contents/Library/LaunchServices/com.MagnetismStudios.endurance.helper of the component NSXPC Interface. Executing manipulation can...

redis-rce

Redis RCE A exploit for Redis 4.x/5.x RCE, inspired by Redis post-exploitation. This repo is a modified version of . Usage: Compile exp.so from . usage: redis-rce.py -h -r RHOST -p RPORT -L LHOST -P LPORT -f FILE -a AUTH -v Redis 4.x/5.x RCE with RedisModules optional arguments: -h, --help show...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition between btftrygetmodule and loadmodule resulting in reuse after release...

CVE-2024-35419

wac commit 385e1 was discovered to contain a heap overflow via the loadmodule function at /wac-asan/wa.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted wasm file...

PT-2024-26487 · Wac · Wac

Name of the Vulnerable Software and Affected Versions: wac version 385e1 Description: A heap overflow issue was discovered in the load module function at /wac-asan/wa.c, allowing attackers to cause a Denial of Service DoS via a crafted wasm file. The load module function is vulnerable, and...

wac 安全漏洞

wac WebAssembly in C is a minimal WebAssembly interpreter written in C by the individual developer Joel Martin. A security vulnerability exists in wac version 385e1, which stems from a heap overflow in the loadmodule function and could lead to an attacker causing a denial of service via a special...

PT-2024-6323 · Ivanti · Ivanti Endpoint Manager +1

Name of the Vulnerable Software and Affected Versions: Ivanti EPM versions prior to 2022 SU6 Ivanti EPM versions prior to the 2024 September update Description: The issue is related to an unspecified SQL injection in the loadModuleTable method of Ivanti EPM, which allows a remote authenticated...

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption when the HLOS allocates a response payload buffer to copy data received from the ADSP in response to an AVCSLOADMODULE command...

PT-2024-12418 · Qualcomm · Snapdragon +124

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption when the High-Level Operating System HLOS allocates a response payload buffer to copy data received from the Audio...

CVE-2021-26392

Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading a malicious TA...

Security Bulletin: IBM Security Identity Governance and Intelligence is vulnerable to sensitive information disclosure (CVE-2020-4957)

Summary IBM Security Identity Governance and Intelligence could disclose sensitive information in URL parameters due to a vulnerability in the Bulk Data Load module CVE-2020-4957. This vulnerability is resolved by a code fix in the affected part of the product. Vulnerability Details CVEID:...

OPENSUSE-SU-2021:0046-1 Security update for cobbler

This update for cobbler fixes the following issues: - Add cobbler-tests subpackage for unit testing for openSUSE/SLE - Adds LoadModule definitions for openSUSE/SLE - Switch to new refactored auth module. - use systemctl to restart cobblerd on logfile rotation boo1169207 Mainline logrotate conf fi...

CVE-2011-1830 Ekiga attempts to dlopen /tmp/ekiga_test.so

Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekigatest.so...

WAVM Denial of Service Vulnerability (CNVD-2019-09768)

WAVM is the WebAssembly Virtual Machine. A denial of service vulnerability exists in versions of WAVM prior to 2018-09-16, which stems from the loadModule function in Include/Inline/CLI.h failing to check the length of a file before the file MAGIC comparison, which can be exploited by an attacker...