2321 matches found
CVE-2025-14098
Avira Antivirus engine heap buffer out-of-bounds write (integer overflow) when scanning a malformed MS-DOS executable file. Affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.104. Impact: local code execution or denial-of-service of the antivirus engine process. ...
CVE-2025-14098 Avira antivirus engine heap buffer OOB write when scanning a malformed MS-DOS executable file
Heap buffer out-of-bounds write vulnerability due to integer overflow in Avira Antivirus engine when scanning a malformed MS-DOS executable file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux...
PT-2026-49046
Name of the Vulnerable Software and Affected Versions Avira Antivirus versions prior to 8.3.70.104 Description A heap buffer out-of-bounds write occurs due to an integer overflow in the antivirus engine when scanning a malformed MS-DOS executable file. This can lead to local execution of code or ...
CVE-2026-10801
A security vulnerability has been detected in modelscope ms-swift up to 4.2.0. This affects the function Template.savepilimage of the file swift/template/base.py of the component PIL Image Cache Key Handler. The manipulation leads to use of weak hash. An attack has to be approached locally. A hig...
mimic-kit (>=0.1.0 <=0.1.1), modelscope (>=1.9.0 <=1.9.1) +3 more potentially affected by CVE-2026-10801 via ms-swift (>=1.3.0 <=4.2.2)
ms-swift PYPI version =1.3.0, =0.1.0, =1.9.0, =1.3.0, =0.0.1, =0.1.2, =0.1.3 Source cves: CVE-2026-10801 Source advisory: SNYK:PYTHON-MSSWIFT-17152951...
CVE-2026-10801 modelscope ms-swift PIL Image Cache Key base.py Template._save_pil_image weak hash
A security vulnerability has been detected in modelscope ms-swift up to 4.2.0. This affects the function Template.savepilimage of the file swift/template/base.py of the component PIL Image Cache Key Handler. The manipulation leads to use of weak hash. An attack has to be approached locally. A hig...
Exploit for CVE-2026-2256
CVE-2026-...
freerdp: FreeRDP: Denial of Service via crafted audio data in RDP
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A remote attacker can exploit a sizet underflow vulnerability in the IMA-ADPCM and MS-ADPCM audio decoders by sending specially crafted audio data over the RDPSND audio channel. This underflow leads to a...
freerdp: FreeRDP: Denial of Service via crafted audio data in RDP
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A remote attacker can exploit a sizet underflow vulnerability in the IMA-ADPCM and MS-ADPCM audio decoders by sending specially crafted audio data over the RDPSND audio channel. This underflow leads to a...
Malicious Package
Overview ms-graph-types is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
freerdp: FreeRDP: Denial of Service via crafted audio data in RDP
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A remote attacker can exploit a sizet underflow vulnerability in the IMA-ADPCM and MS-ADPCM audio decoders by sending specially crafted audio data over the RDPSND audio channel. This underflow leads to a...
freerdp: FreeRDP: Denial of Service via crafted audio data in RDP
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A remote attacker can exploit a sizet underflow vulnerability in the IMA-ADPCM and MS-ADPCM audio decoders by sending specially crafted audio data over the RDPSND audio channel. This underflow leads to a...
freerdp: FreeRDP: Denial of Service via crafted audio data in RDP
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A remote attacker can exploit a sizet underflow vulnerability in the IMA-ADPCM and MS-ADPCM audio decoders by sending specially crafted audio data over the RDPSND audio channel. This underflow leads to a...
Unity Linux 20.1060e / 20.1070e Security Update: SDL (UTSA-2026-017580)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017580 advisory. SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MSADPCMdecode in audio/SDLwave.c. Tenable has extracted the...
fusion-tools (>=3.6.19 <=3.6.90), idt-calculator (=0.1.0) +6 more potentially affected by CVE-2026-38361 via dash-uploader (>=0.6.0 <=0.6.1)
dash-uploader PYPI version =0.6.0, =3.6.19, =0.0.11, =0.0.30, =0.0.50.0, =0.2.1, =0.2.0, =0.4.1 Source cves: CVE-2026-38361 Source advisory: OSV:PYSEC-2026-37...
Malicious code in ms.analytics-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8603a11b43db05d179ab55b635a517ed40832c05fc4365a1ba69d2ec1eb5092 The package ms.analytics-web was found to contain malicious code. Source: ossf-package-analysis...
Astra Linux – Vulnerability in Wireshark
Excessive memory consumption in the MS-WSP dissector in Wireshark versions 3.4.0 to 3.4.4, and 3.2.0 to 3.2.12 may allow denial of service through packet injection or crafted capture files...
Astra Linux – Vulnerability in Thunderbird
The ms-msdt, search, and search-ms protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have known vulnerabilities that have been exploited in the wild although we know of none exploited through Thunderbird. Therefore, in thi...
freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface
A heap buffer use after free has been discovered in FreeRDP. urbselectinterface can free the device's MS config on error but later code still dereferences it, leading to a use after free in libusbudevselectinterface...
(0Day) Microsoft Windows library-ms NTLM Response Information Disclosure Vulnerability
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must view a folder containing malicious content. The specific flaw exists within the...