29000 matches found
Important: Red Hat Security Advisory: gimp security update
An update for gimp is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
CVE-2020-36987
Program Access Controller 1.2.0.0 contains an unquoted service path vulnerability in PACService.exe that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path during system startup or reboot to inject and run malicious executables with LocalSyste...
CVE-2020-36987 Program Access Controller v1.2.0.0 - 'PACService.exe' Unquoted Service Path
Program Access Controller 1.2.0.0 contains an unquoted service path vulnerability in PACService.exe that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path during system startup or reboot to inject and run malicious executables with LocalSyste...
CVE-2020-36987
CVE-2020-36987 affects Program Access Controller 1.2.0.0. The unquoted service path vulnerability is in PACService.exe and can be triggered during system startup or reboot to inject and run malicious executables with LocalSystem privileges. Root cause: unquoted service path allowing privilege esc...
Gear Box Computers Program Access Controller code-related vulnerabilities
Gear Box Computers Program Access Controller is a program access controller developed by Gear Box Computers. Version 1.2.0.0 of the Gear Box Computers Program Access Controller contains a code vulnerability. This vulnerability stems from the PACService.exe file having a service path that is not...
CVE-2025-28162
Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngimage with AddressSanitizer ASan, the program leaks memory in various locations, eventually leading to high memory usage and causing the program to become unresponsive...
CVE-2026-24822
Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in ttttupup wxhelper src modules. This vulnerability is associated with program files mongoose.C. This issue affects wxhelper: through 3.9.10.19-v1...
EUVD-2026-4842
Multiple Buffer Overflows in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to cause a program crash and potential remote code execution...
CVE-2026-24344
The CVE-2026-24344 entry describes multiple buffer overflows in the EZCast Pro II Admin UI, affecting version 1.17478.146. The root cause per the documents is buffer overflow conditions in the Admin UI, enabling a crash and potentially remote code execution. No detailed exploit vectors, affected ...
CVE-2026-24825
Missing Release of Memory after Effective Lifetime vulnerability in ydb-platform ydb contrib/libs/yajl modules. This vulnerability is associated with program files yailtree.C. This issue affects ydb: through 24.4.4.2...
CVE-2026-24811
Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inffast.C. This issue affects root...
WinAVR security vulnerability
WinAVR is an open-source microcontroller development toolkit developed by WinAVR. Version WinAVR 20100110 has a security vulnerability, which stems from improper permission settings. This vulnerability may lead to the modification of system files and executable files...
Raimersoft TapinRadio security vulnerability
Raimersoft TapinRadio is a web radio software developed by Raimersoft Corporation. The version 2.13.7 of Raimersoft TapinRadio contains a security vulnerability. This vulnerability stems from a buffer overflow in the application’s proxy settings, which could lead to program crashes...
Cross-dashboard privilege escalation via permission management
Grafana is an open-source platform for monitoring and observability. The platform supports creating dashboards, which collate various visualisation panels onto one plane. These can have per-user permissions. If a user has permission management rights on one dashboard, they could edit the...
CVE-2025-28162
Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngimage with AddressSanitizer ASan, the program leaks memory in various locations, eventually leading to high memory usage and causing the program to become unresponsive...
Malicious code in @sommos/create-program-template-form-data (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa7bdf06061a821a92bec72c1ea8826213552ec4486d81e7776553a74293dd79 The package @sommos/create-program-template-form-data was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-509 Malicious code in @sommos/create-program-template-form-data (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa7bdf06061a821a92bec72c1ea8826213552ec4486d81e7776553a74293dd79 The package @sommos/create-program-template-form-data was found to contain malicious code. Source: ossf-package-analysis...
CVE-2020-36958
Kite 1.2020.1119.0 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Kite\KiteService.exe' to inject malicious executables and escalate...
CVE-2020-36958 Kite 1.2020.1119.0 - 'KiteService' Unquoted Service Path
Kite 1.2020.1119.0 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Kite\KiteService.exe' to inject malicious executables and escalate...
CVE-2025-59094
A local privilege escalation vulnerability has been identified in the Kaba exos 9300 System management application d9sysdef.exe. Within this application it is possible to specify an arbitrary executable as well as the weekday and start time, when the specified executable should be run with SYSTEM...