Iperius Backup 安全漏洞

Iperius Backup is a backup tool developed by the Italian company Iperius Backup. Version 6.1.0 of Iperius Backup contains a security vulnerability. This vulnerability stems from an issue with privilege escalation, which could allow low-privilege users to execute arbitrary programs by elevating...

PT-2026-26955

ZOC Terminal 7.23.4 contains a buffer overflow vulnerability in the Shell field of Program Settings that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a crafted payload into the Shell configuration field and trigger a crash when...

EUVD-2019-19850

Sandboxie 5.30 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Program Alerts configuration field. Attackers can paste a buffer of 5000 characters into the 'Select or enter a program' field during progr...

CVE-2019-25551

Sandboxie 5.30 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Program Alerts configuration field. Attackers can paste a buffer of 5000 characters into the 'Select or enter a program' field during progr...

CVE-2019-25551

Sandboxie 5.30 has a Denial of Service vulnerability exposed via the Program Alerts configuration. A local attacker can crash the application by inputting an excessively long string (e.g., a 5000-character buffer) into the 'Select or enter a program' field during program alert setup. The CVE desc...

CVE-2019-25551 Sandboxie 5.30 Denial of Service via Program Alerts Buffer Overflow

Sandboxie 5.30 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Program Alerts configuration field. Attackers can paste a buffer of 5000 characters into the 'Select or enter a program' field during progr...

CVE-2019-25551 Sandboxie 5.30 Denial of Service via Program Alerts Buffer Overflow

Sandboxie 5.30 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Program Alerts configuration field. Attackers can paste a buffer of 5000 characters into the 'Select or enter a program' field during progr...

CVE-2019-25551

Sandboxie 5.30 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Program Alerts configuration field. Attackers can paste a buffer of 5000 characters into the 'Select or enter a program' field during progr...

CVE-2026-3460

CVE-2026-3460 concerns the REST API TO MiniProgram plugin for WordPress. The vulnerability allows an authenticated user with Subscriber-level access or higher to modify arbitrary users’ store-related metadata (storeinfo, storeappid, storename) via an attacker-controlled userid parameter in the RE...

CVE-2026-3460

The REST API TO MiniProgram plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.2. This is due to the permission callback updateuserwechatshopinfopermissionscheck only validating that the supplied 'openid' parameter corresponds to an...

CVE-2026-3460 REST API TO MiniProgram <= 5.1.2 - Authenticated (Subscriber+) Insecure Direct Object Reference via 'userid' REST API Parameter

The REST API TO MiniProgram plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.2. This is due to the permission callback updateuserwechatshopinfopermissionscheck only validating that the supplied 'openid' parameter corresponds to an...

Sandboxie 安全漏洞

Sandboxie is an open-source isolation software based on a sandbox mechanism, developed by sandboxie-plus. Version 5.30 of Sandboxie has a security vulnerability. This vulnerability stems from the excessive length of strings entered in the program alert configuration field. This could allow local...

PT-2026-26896

Sandboxie 5.30 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Program Alerts configuration field. Attackers can paste a buffer of 5000 characters into the 'Select or enter a program' field during progr...

EUVD-2026-13605

In the Linux kernel, the following vulnerability has been resolved: perf: Fix perfeventoverflow vs perfremovefromcontext race Make sure that perfeventoverflow runs with IRQs disabled for all possible callchains. Specifically the software events can end up running it with only preemption disabled...

CVE-2026-23271

In the Linux kernel, the following vulnerability has been resolved: perf: Fix perfeventoverflow vs perfremovefromcontext race Make sure that perfeventoverflow runs with IRQs disabled for all possible callchains. Specifically the software events can end up running it with only preemption disabled...

UBUNTU-CVE-2026-23271

In the Linux kernel, the following vulnerability has been resolved: perf: Fix perfeventoverflow vs perfremovefromcontext race Make sure that perfeventoverflow runs with IRQs disabled for all possible callchains. Specifically the software events can end up running it with only preemption disabled...

CVE-2026-32766

A flaw was found in astral-tokio-tar, a software component for handling tar archives. This flaw causes malformed PAX Portable Archive eXchange extensions within an archive to be silently ignored. An attacker could leverage this to create a specially crafted archive that, when processed by...

CVE-2026-23271

In the Linux kernel, the following vulnerability has been resolved: perf: Fix perfeventoverflow vs perfremovefromcontext race Make sure that perfeventoverflow runs with IRQs disabled for all possible callchains. Specifically the software events can end up running it with only preemption disabled...

CVE-2026-23271 perf: Fix __perf_event_overflow() vs perf_remove_from_context() race

In the Linux kernel, the following vulnerability has been resolved: perf: Fix perfeventoverflow vs perfremovefromcontext race Make sure that perfeventoverflow runs with IRQs disabled for all possible callchains. Specifically the software events can end up running it with only preemption disabled...

CVE-2026-23271 perf: Fix __perf_event_overflow() vs perf_remove_from_context() race

In the Linux kernel, the following vulnerability has been resolved: perf: Fix perfeventoverflow vs perfremovefromcontext race Make sure that perfeventoverflow runs with IRQs disabled for all possible callchains. Specifically the software events can end up running it with only preemption disabled...