CVE-2026-28525

SWUpdate contains an integer underflow vulnerability in the multipart upload parser in mongoosemultipart.c that allows unauthenticated attackers to cause a denial of service by sending a crafted HTTP POST request to /upload with a malformed multipart boundary and controlled TCP stream timing...

Acer Updater Service code-related vulnerabilities

The Acer Updater Service is a software update tool provided by Acer, a company based in Taiwan, China. Version 1.2.3500.0 of the Acer Updater Service contains a code vulnerability. This vulnerability stems from an issue with the service path, where a service path without quotes was used, which ma...

JVN#05340816: Multiple installers of Toshiba memory card related software may insecurely load Dynamic Link Libraries

Multiple installers of Toshiba memory card related software contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the latest installe...

Samsung SW Update Tool Security Bypass Vulnerability

Samsung SW Update Tool is a set of system update tools from Samsung South Korea. A security bypass vulnerability exists in Samsung SW Update Tool version 2.2.5.16. An attacker can exploit this vulnerability to bypass security restrictions and perform unauthorized operations...