CVE-2011-10023 MJM QuickPlayer <= 2010 .s3m Stack-Based Buffer Overflow

MJM QuickPlayer also known as MJM Player version 2010 contains a stack-based buffer overflow vulnerability triggered by opening a malicious .s3m music file. The flaw occurs due to improper bounds checking in the file parser, allowing an attacker to overwrite memory and execute arbitrary code...

CVE-2011-10023

MJM QuickPlayer also known as MJM Player version 2010 contains a stack-based buffer overflow vulnerability triggered by opening a malicious .s3m music file. The flaw occurs due to improper bounds checking in the file parser, allowing an attacker to overwrite memory and execute arbitrary code...

CVE-2011-10023

CVE-2011-10023 affects MJM QuickPlayer/Player (≈2010) with a stack-based buffer overflow in the .s3m file parser. The flaw stems from improper bounds checking, enabling memory overwrite and arbitrary code execution. Exploitation described uses a crafted payload that bypasses DEP/ASLR via ROP and ...

CVE-2011-10024 MJM Core Player 2011 .s3m File Stack-Based Buffer Overflow

MJM Core Player likely now referred to as MJM Player 2011 is vulnerable to a stack-based buffer overflow when parsing specially crafted .s3m music files. The vulnerability arises from improper bounds checking in the file parser, allowing an attacker to overwrite memory on the stack and execute...

CVE-2011-10024 MJM Core Player 2011 .s3m File Stack-Based Buffer Overflow

MJM Core Player likely now referred to as MJM Player 2011 is vulnerable to a stack-based buffer overflow when parsing specially crafted .s3m music files. The vulnerability arises from improper bounds checking in the file parser, allowing an attacker to overwrite memory on the stack and execute...

CVE-2011-10024

CVE-2011-10024 affects MJM Core Player (2011) where the .s3m file parser has a stack-based buffer overflow due to improper bounds checking. The vulnerability is triggered when a user opens a crafted .s3m file, allowing an attacker to overwrite stack memory and execute arbitrary code. Exploitation...

Link11 Highlights Growing Cybersecurity Risks and Introduces Integrated WAAP Platform

Frankfurt am Main, Germany, 20th August 2025, CyberNewsWire...

Akamai Beats Other WAAP Vendors in Third-Party Evaluation

...

CVE-2025-57788

A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk...

CVE-2024-57157

Incorrect access control in Jantent v1.1 allows attackers to bypass authentication and access sensitive APIs without a token...

PT-2025-34105 · Undefined · Undefined

MJM Core Player likely now referred to as MJM Player 2011 is vulnerable to a stack-based buffer overflow when parsing specially crafted .s3m music files. The vulnerability arises from improper bounds checking in the file parser, allowing an attacker to overwrite memory on the stack and execute...

PT-2025-34104

Name of the Vulnerable Software and Affected Versions MJM QuickPlayer version 2010 Description MJM QuickPlayer also known as MJM Player contains a stack-based buffer overflow triggered by opening a malicious .s3m music file. This issue arises from improper bounds checking in the file parser, whic...

Commvault 安全漏洞

Commvault is a data backup and recovery software from Commvault Corporation, USA. A security vulnerability exists in Commvault versions prior to 11.36.60 that stems from a known login mechanism that allows an unauthenticated attacker to execute API calls...

PT-2025-33898

Name of the Vulnerable Software and Affected Versions: Commvault versions prior to 11.36.60 Description: A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. Role-Based Access Control RBAC can limit exposure, but does...

Linux Distros Unpatched Vulnerability : CVE-2024-52337

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequenc...

Sensitive Information Disclosure

OpenSearch is vulnerable to Sensitive Information Disclosure. The vulnerability is due to redacted values being retrievable through range queries and the fields option in the search API...

CVE-2025-55299

VaulTLS is a modern solution for managing mTLS mutual TLS certificates. Prior to 0.9.1, user accounts created through the User web UI have an empty but not NULL password set, attackers can use this to login with an empty password. This is combined with that fact, that previously disabling the...

CVE-2025-55299

VaulTLS has an authentication issue prior to 0.9.1: user accounts created via the User web UI may have an empty (non-NULL) password, enabling login with an empty password. This is exacerbated by API login still working after frontend password checks were disabled. The vulnerability is fixed in 0....

BIT-GITLAB-2024-10219 Incorrect Authorization in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 15.6 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that under certain conditions could have allowed authenticated users to bypass access controls and download private artifacts by accessing specific API endpoints...

Important: Red Hat Security Advisory: golang security update

An update for golang is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...