(Pwn2Own) QNAP TS-453E smbd domain_name Argument Injection Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of QNAP TS-453E devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of of the domainname parameter. The issue results from the la...

EUVD-2010-1906

Malware in sbrugna...

CVE-2025-26503

A crafted system call argument can cause memory corruption...

CVE-2025-26503 Buffer manipulation

A crafted system call argument can cause memory corruption...

CVE-2025-26503

The CVE-2025-26503 entry maps to a memory corruption issue triggered by a crafted system call argument. Connected sources reference Wind River VxWorks 7 as the affected platform, with CVSSv3.1 metrics indicating Local attack vector, High privileges required, No user interaction, and Confidentiali...

PT-2025-38473

Name of the Vulnerable Software and Affected Versions affected versions not specified Description A crafted system call argument can cause memory corruption. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability...

Out-of-bounds

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly validate an unspecified system-call argument, which allows local users to cause a denial of...

PT-2010-3510 · Microsoft · Windows Server 2003 +5

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista versions SP1 through SP2 Microsoft Windows Server 2008 versions Gold through SP2 and R2 Microsoft Windows 7 Description: The issue...