CVE-2025-12051

The CVE-2025-12051 entry describes a buffer overflow vulnerability in drivers within InsydeH2O tool packages where RTL_QUERY_REGISTRY_DIRECT is used to read a registry value. An untrusted user-mode application may manipulate the registry value to trigger the overflow. Affected software is referen...

PT-2026-2439

Name of the Vulnerable Software and Affected Versions Windows Kernel Driver affected versions not specified Description The drivers within the tool packages utilize the RTL QUERY REGISTRY DIRECT flag when reading a registry value. This process is susceptible to a buffer overflow if an untrusted...

Microsoft IE11 Js::RegexHelper::RegexReplace Use-After-Free

IE11: Use-after-free in Js::RegexHelper::RegexReplace CVE-2018-0866 There is a Use-after-free vulnerability in Internet Explorer that could potentially be used for memory disclosure. This was tested on IE11 running on Window 7 64-bit with the latest patches applied. Note that the PoC was tested i...

Microsoft Internet Explorer 11 - 'Js::RegexHelper::RegexReplace' Use-After-Free

var vars = new Array2; function main vars0 = Array1000000.joinString.fromCharCode0x41; vars1 = String.prototype.substring.callvars0, 1, vars0.length; String.prototype.replace.callvars1, RegExp, f; function farg1, arg2, arg3 alertarg3; vars0 = 1; CollectGarbage; return 'a'; main; +0x122e5d:...

PT-1999-1600 · Ipswitch · Ws Ftp

Name of the Vulnerable Software and Affected Versions: IPswitch WS FTP affected versions not specified Description: The issue allows local users to gain additional privileges and modify or add mail accounts by setting the flags registry key to 1920. Recommendations: At the moment, there is no...