2 matches found
CVE-2025-26624
CVE-2025-26624 describes a DLL hijacking/local privilege escalation in Rufus. Affected: Rufus 4.6.2208 and earlier. Root cause: the launcher loads a malicious cfgmgr32.dll from the same directory via side-loading when the executable has elevated privileges. Impact: enables loading/execution of a ...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Google Protocol Buffers (CVE-2021-22570)
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Google Protocol Buffers, caused by a NULL pointer dereference when a null char is present in a proto symbol CVE-2021-22570. Google Protocol Buffers protobuf are included as part of the...