CVE-2018-25273

CrossFont 7.5 contains a local buffer overflow in the License Key field that can crash the application when processing an oversized payload. An attacker can craft a malicious file around 4000 bytes and input it into License Key to trigger the crash. Impact is limited to availability (crash) with ...

CVE-2018-25263

Faleemi Desktop Software 1.8.2 contains a local buffer overflow vulnerability in the Device alias field that allows local attackers to trigger a structured exception handler SEH overwrite. Attackers can craft a malicious payload and paste it into the Device alias field within the Managing Log...

CVE-2018-25263 Faleemi Desktop Software 1.8.2 Local Buffer Overflow SEH

Faleemi Desktop Software 1.8.2 contains a local buffer overflow vulnerability in the Device alias field that allows local attackers to trigger a structured exception handler SEH overwrite. Attackers can craft a malicious payload and paste it into the Device alias field within the Managing Log...

CVE-2018-25263 Faleemi Desktop Software 1.8.2 Local Buffer Overflow SEH

Faleemi Desktop Software 1.8.2 contains a local buffer overflow vulnerability in the Device alias field that allows local attackers to trigger a structured exception handler SEH overwrite. Attackers can craft a malicious payload and paste it into the Device alias field within the Managing Log...

CVE-2018-25263

Faleemi Desktop Software 1.8.2 contains a local buffer overflow in the Device alias field of the Managing Log interface that allows an attacker with local access to trigger a structured exception handler (SEH) overwrite and execute arbitrary code (PoC shows calculator). The vulnerability is trigg...

CVE-2026-7024 rawchen sims deleteFileServlet Endpoint DeleteFileServlet.java path traversal

A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServlet.java of the component deleteFileServlet Endpoint. Executing a manipulation of the argument...

Faleemi Desktop Software 安全漏洞

Faleemi Desktop Software is a desktop application developed by Faleemi Corporation in the United States. Version 1.8.2 of Faleemi Desktop Software contains a security vulnerability. This vulnerability stems from a local buffer overflow in the Device alias field. It may allow local attackers to...

PT-2026-35266

P10 Central Management Software 1.4.13 contains a buffer overflow vulnerability in the login password field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 2000-byte payload into the password field and click login to trigger an...

@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.5) +21 more potentially affected by CVE-2026-45002 via openclaw (>=0.0.1 <=2026.4.2)

openclaw NPM version =0.0.1, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 - @xmoxmo/bncr =0.0.8 - morpho-vault-manager =0.1.0 and more Source cves: CVE-2026-45002 Source advisory: OSV:GHSA-2XCP-X87W-Q377...

Malicious code in axis-abc-portal-menu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 84dbd03fbc7970d1f3fc987743f698a9ea6a0af44ea2b89d0f2c1cbaa397f933 The package axis-abc-portal-menu was found to contain malicious code. Source: ossf-package-analysis...

Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software

Cybersecurity researchers have discovered a new Lua-based malware created years before the notorious Stuxnet worm that aimed to sabotage Iran's nuclear program by destroying uranium enrichment centrifuges. According to a new report published by SentinelOne, the previously undocumented cyber...

CVE-2026-28525

SWUpdate contains an integer underflow vulnerability in the multipart upload parser in mongoosemultipart.c that allows unauthenticated attackers to cause a denial of service by sending a crafted HTTP POST request to /upload with a malformed multipart boundary and controlled TCP stream timing...

simple-git is vulnerable to Remote Code Execution

Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution RCE due to an incomplete fix for CVE-2022-25912 that blocks the -c option but not the equivalent --config form. If untrusted input can reach the options argument passed to simple-git, an attacker may still...

BELL-CVE-2026-34318 CVE-2026-34318 does not affect BellSoft software

Bulletin has no description...

BELL-CVE-2026-34319 CVE-2026-34319 does not affect BellSoft software

Bulletin has no description...

BELL-CVE-2026-31490 CVE-2026-31490 does not affect BellSoft software

Bulletin has no description...

BELL-CVE-2026-31529 CVE-2026-31529 does not affect BellSoft software

Bulletin has no description...

BELL-CVE-2026-31501 CVE-2026-31501 does not affect BellSoft software

Bulletin has no description...

BELL-CVE-2026-31484 CVE-2026-31484 does not affect BellSoft software

Bulletin has no description...

BELL-CVE-2026-31481 CVE-2026-31481 does not affect BellSoft software

Bulletin has no description...