20071 matches found
CVE-2021-47719 CNC_Ctrl DllUnregisterServer f5501 Access Violation
COMMAX WebViewer ActiveX Control 2.1.4.5 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit boundary errors in CommaxWebViewer.ocx to cause buffer overflow condition...
CVE-2021-47719
CVE-2021-47719 affects COMMAX WebViewer ActiveX Control 2.1.4.5. The root cause is a buffer overflow in Commax_WebViewer.ocx triggered by processing excessively long string arrays across multiple functions, enabling potentially arbitrary code execution. Documents consistently describe boundary er...
CVE-2021-47705
The vulnerability CVE-2021-47705 affects COMMAX UMS Client ActiveX Control 1.7.0.2. The root cause is a heap-based buffer overflow in CNC_Ctrl.dll, resulting from improper boundary validation. An attacker can supply excessively long string arrays through multiple functions to trigger heap corrupt...
CLSA-2025-1765310613 python-jinja2: Fix of CVE-2024-56326
CVE-2024-56326: fix format string vulnerability impacting users of applications which execute untrusted template...
CLSA-2025-1765287413 python-jinja2: Fix of CVE-2024-56326
CVE-2024-56326: fix format string vulnerability impacting users of applications which execute untrusted template...
CVE-2025-66558
Nextcloud Twofactor WebAuthn is the WebAuthn Two-Factor Provider for Nextcloud. Prior to 1.4.2 and 2.4.1, a missing ownership check allowed an attacker to take away a 2FA WebAuthn device when correctly guessing an 80-128 character long random string of letters, numbers and symbols. The victim would...
EUVD-2022-55709
In the Linux kernel, the following vulnerability has been resolved: RISC-V: Make port I/O string accessors actually work. Fix port I/O string accessors such as 'insb', 'outsb', etc. which use the physical PCI port I/O address rather than the corresponding memory mapping to get at the requested...
CVE-2025-66568 ruby-saml Libxml2 Canonicalization errors can bypass Digest/Signature validation
The ruby-saml library implements the client side of an SAML authorization. Versions up to and including 1.12.4 are vulnerable to authentication bypass through the libxml2 canonicalization process used by Nokogiri for document transformation, which allows an attacker to execute a Signature Wrappi...
UBUNTU-CVE-2022-50647
In the Linux kernel, the following vulnerability has been resolved: RISC-V: Make port I/O string accessors actually work. Fix port I/O string accessors such as 'insb', 'outsb', etc. which use the physical PCI port I/O address rather than the corresponding memory mapping to get at the requested...
CVE-2022-50647 RISC-V: Make port I/O string accessors actually work
In the Linux kernel, the following vulnerability has been resolved: RISC-V: Make port I/O string accessors actually work. Fix port I/O string accessors such as 'insb', 'outsb', etc. which use the physical PCI port I/O address rather than the corresponding memory mapping to get at the requested...
PT-2025-50235
Name of the Vulnerable Software and Affected Versions: COMMAX UMS Client ActiveX Control version 1.7.0.2. Description: The COMMAX UMS Client ActiveX Control contains a heap-based buffer overflow issue. An attacker can execute arbitrary code by supplying overly long string arrays through multiple...
PT-2025-49627
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.0.0-rc2-00283-g10d4879f9ef0-dirty. Description: The Linux kernel had an issue where port I/O string accessors, such as insb and outsb, did not function correctly. These accessors used the physical PCI port I/O...
Siemens Energy Services
SUMMARY: Energy Services from Siemens, previously known as Managed Applications and Services, sells solutions using Elspec G5 devices that allow a person with physical access to the device to reset the Admin password by inserting a USB drive containing a publicly documented reset string into a USB...
Linux Distros Unpatched Vulnerability : CVE-2023-53834
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iio: adc: ina2xx: avoid NULL pointer dereference on OF device match The affected lines were resulting in a NULL pointer dereference on our platform because the...
PT-2025-50243
Name of the Vulnerable Software and Affected Versions: COMMAX WebViewer ActiveX Control version 2.1.4.5. Description: The COMMAX WebViewer ActiveX Control contains a buffer overflow issue. An attacker can execute arbitrary code by supplying overly long string arrays through multiple functions...
PT-2025-49721
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A memory leak exists in the Linux kernel related to the think-lmi module when displaying current settings. Specifically, when retrieving an item string using the tlmi_setting function, t...
Amazon Linux 2 : glib2, --advisory ALAS2-2025-3094 (ALAS-2025-3094)
The version of glib2 installed on the remote host is prior to 2.56.1-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3094 advisory. A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string...
crackme-project
Crackme - Binary Exploitation Challenge Projektbeschreibun...
CVE-2025-66558 Nextcloud Twofactor WebAuthn app was updated based on public key
Nextcloud Twofactor WebAuthn is the WebAuthn Two-Factor Provider for Nextcloud. Prior to 1.4.2 and 2.4.1, a missing ownership check allowed an attacker to take away a 2FA WebAuthn device when correctly guessing an 80-128 character long random string of letters, numbers and symbols. The victim would...