4304 matches found
PT-2025-7583 · Bento4 · Bento4
Name of the Vulnerable Software and Affected Versions: Bento4 version 1.6.0-641 Description: A buffer overflow issue in Bento4 allows a local attacker to execute arbitrary code via the AP4 Stz2Atom::AP4 Stz2Atom component located in Ap4Stz2Atom.cpp. This enables local arbitrary code execution...
Bento4 安全漏洞
Bento4 is an open source C++ library for reading and writing MP4 files from Axiomatic Systems. A security vulnerability exists in Bento4 version v1.6.0-641, which stems from a buffer overflow in Ap4Stz2Atom.cpp that allows local execution of arbitrary code...
Bento4 安全漏洞
Bento4 is an open source C++ library for reading and writing MP4 files from Axiomatic Systems. A security vulnerability exists in Bento4 version v1.6.0-641, which stems from a buffer overflow in Ap4RtpAtom.cpp that allows local execution of arbitrary code...
PT-2025-7584 · Bento4 · Bento4
Name of the Vulnerable Software and Affected Versions: Bento4 version 1.6.0-641 Description: A buffer overflow issue allows a local attacker to execute arbitrary code via the Ap4RtpAtom.cpp, specifically in AP4 RtpAtom::AP4 RtpAtom, during the execution of mp4fragment with a crafted MP4 input fil...
CVE-2025-25943
CVE-2025-25943 concerns Bento4 v1.6.0-641, where a buffer overflow in the AP4_Stz2Atom::AP4_Stz2Atom component (Ap4Stz2Atom.cpp) allows a local attacker to execute arbitrary code. Public documents confirm the affected software and the vulnerable function/file, and describe the impact as local arb...
Hitachi HVAC Energy Saving Program 安全漏洞
Hitachi HVAC Energy Saving Program is an energy saving program project of Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi HVAC Energy Saving Program that originates from an unsafe loading of a dynamic link library, which could lead to local code execution or information...
Azure Linux 3.0 Security Update: kernel (CVE-2024-21803)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-21803 advisory. - Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM bluetooth modules allows Local...
CVE-2022-49038
Inclusion of functionality from untrusted control sphere vulnerability in OpenSSL DLL component in Synology Drive Client before 3.3.0-15082 allows local users to execute arbitrary code via unspecified vectors...
CVE-2024-50322
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local unauthenticated attacker to achieve code execution. User interaction is required...
CVE-2024-6563
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. This vulnerability is associated with program files...
CVE-2024-33582
A DLL hijack vulnerability was reported in Lenovo Service Framework that could allow a local attacker to execute code with elevated privileges...
CVE-2024-33581
A DLL hijack vulnerability was reported in Lenovo PC Manager AI intelligent scenario that could allow a local attacker to execute code with elevated privileges...
CVE-2024-20849
Out-of-bound Write vulnerability in chunk parsing implementation of libsdffextractor prior to SMR Apr-2023 Release 1 allows local attackers to execute arbitrary code...
CVE-2024-20877
Heap out-of-bound write vulnerability in parsing grid image header in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to execute arbitrary code...
Dell EMC NetWorker Unquoted Search Path (DSA-2025-064)
Dell NetWorker, versions prior to 19.11.0.3, all versions of 19.10 & prior versions contains an Unquoted Search Path or Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. Note that Nessus has not tested for...
CVE-2025-20890
Out-of-bounds write in decoding frame buffer in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability...
CVE-2025-20890
Out-of-bounds write in decoding frame buffer in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability...
CVE-2025-20882
Out-of-bounds write in accessing uninitialized memory for svc1td in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability...
CVE-2025-20890
Out-of-bounds write in decoding frame buffer in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability...
CVE-2025-20888
Out-of-bounds write in handling the block size for smp4vtd in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability...