4198 matches found
CVE-2018-25322
Allok Fast AVI MPEG Splitter 1.2 is affected by a stack-based buffer overflow in the License Name field. An attacker with local access can craft a payload (about 780 bytes of junk data followed by structured shellcode) to overflow the stack and execute code with the application's privileges. The ...
Alloksoft AVI DivX MPEG to DVD Converter 安全漏洞
Alloksoft AVI DivX MPEG to DVD Converter is a multimedia conversion tool developed by Alloksoft Corporation, capable of converting video formats such as AVI, DivX, and MPEG, as well as creating DVDs. Version 2.6.1217 of Alloksoft AVI DivX MPEG to DVD Converter contains a security vulnerability...
PT-2026-41549
Allok AVI DivX MPEG to DVD Converter 2.6.1217 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a text file with a specially crafted buffer containing shellcode and SEH...
PT-2026-41548
Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers can craft a payload with 780 bytes of junk data followed by structured shellcode and place it in the...
The vulnerability was exploited in AMD processors
AMD has addressed a vulnerability in certain processor models through a mitigation measure included in the Windows update of May 2026. This vulnerability affects certain AMD processors. A local malicious actor could exploit this vulnerability to execute arbitrary code on the system. The mitigatio...
SUSE CVE-2025-5265
Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.. Th...
GHSA-7P5M-V798-F8VV Electerm Local code through electerm's single-instance socket
Impact Local code execution without UI interaction: any same-user process can send a JSON payload to electerm's single-instance socket/pipe, causing the app to create tabs and potentially spawn attacker-controlled local processes. Affects electerm single-instance installs on the machine. Patches ...
NPM: Electerm Local code through electerm's single-instance socket
NPM: Electerm Local code through electerm's single-instance socket vulnerability discovered by ? in WordPress Npm electerm versions = 3.0.6, = 3.8.8...
Electerm Local code through electerm's single-instance socket
Impact Local code execution without UI interaction: any same-user process can send a JSON payload to electerm's single-instance socket/pipe, causing the app to create tabs and potentially spawn attacker-controlled local processes. Affects electerm single-instance installs on the machine. Patches ...
CVE-2026-42881
STIGQter is an open-source reimplementation of DISA's STIG Viewer. From 0.1.2 to before 1.2.7, an attacker can achieve local code execution LCE with the privileges of the user running STIGQter. This requires user interaction: the victim must open the malicious .stigqter file and explicitly run th...
CVE-2026-42881
STIGQter (open-source reimplementation of DISA STIG Viewer) prior to 1.2.7 contains a vulnerability where an attacker can achieve local code execution with the user’s privileges by persuading a user to open a crafted .stigqter file and run the Export HTML action. The CVE entry and CVE List title ...
CVE-2026-42881 STIGQter: Arbitrary File Write leading to Local Code Execution via Export HTML
STIGQter is an open-source reimplementation of DISA's STIG Viewer. From 0.1.2 to before 1.2.7, an attacker can achieve local code execution LCE with the privileges of the user running STIGQter. This requires user interaction: the victim must open the malicious .stigqter file and explicitly run th...
CVE-2026-42881 STIGQter: Arbitrary File Write leading to Local Code Execution via Export HTML
STIGQter is an open-source reimplementation of DISA's STIG Viewer. From 0.1.2 to before 1.2.7, an attacker can achieve local code execution LCE with the privileges of the user running STIGQter. This requires user interaction: the victim must open the malicious .stigqter file and explicitly run th...
EUVD-2026-30305
STIGQter is an open-source reimplementation of DISA's STIG Viewer. From 0.1.2 to before 1.2.7, an attacker can achieve local code execution LCE with the privileges of the user running STIGQter. This requires user interaction: the victim must open the malicious .stigqter file and explicitly run th...
CVE-2026-42881
STIGQter is an open-source reimplementation of DISA's STIG Viewer. From 0.1.2 to before 1.2.7, an attacker can achieve local code execution LCE with the privileges of the user running STIGQter. This requires user interaction: the victim must open the malicious .stigqter file and explicitly run th...
Security Updates for Microsoft Office Products C2R (May 2026)
The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. CVE-2026-40358 - Heap-based buffer overflow in Microsoft Office allows an unauthorized...
PT-2026-40946
STIGQter is an open-source reimplementation of DISA's STIG Viewer. From 0.1.2 to before 1.2.7, an attacker can achieve local code execution LCE with the privileges of the user running STIGQter. This requires user interaction: the victim must open the malicious .stigqter file and explicitly run th...
PT-2026-41182
Name of the Vulnerable Software and Affected Versions electerm versions 3.0.6 through 3.8.8 Description A local code execution issue exists where any process running under the same user can send a JSON payload to the single-instance socket or pipe of the application. This allows an attacker to...
CVE-2026-42831
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...
CVE-2026-41611
Improper neutralization of script-related html tags in a web page basic xss in Visual Studio Code allows an unauthorized attacker to execute code locally...