70 matches found
CVE-2026-48103
7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...
CVE-2026-48103 GHSL-2026-119 7-Zip WIM SecurityId OOB read
7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...
EUVD-2026-34852
7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...
CVE-2026-48103
7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...
PT-2026-46979
7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...
EUVD-2025-27331
Malicious code in bioql PyPI...
EUVD-2025-20612
Malicious code in bioql PyPI...
CVE-2025-53799
Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally...
CVE-2025-53799
Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally...
CVE-2025-53799
Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally...
CVE-2025-53799
CVE-2025-53799 affects the Windows Imaging Component. The vulnerability arises from use of an uninitialized resource in Imaging Component code, enabling local attackers to disclose information. The NCSC entry confirms the impact as Access to sensitive data with a CVSS-like rating around 5.5 (Medi...
CVE-2025-53799 Windows Imaging Component Information Disclosure Vulnerability
...
CVE-2025-53799 Windows Imaging Component Information Disclosure Vulnerability
...
Windows Imaging Component Information Disclosure Vulnerability
Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally...
KLA87445 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of...
PT-2025-36822
Name of the Vulnerable Software and Affected Versions: Windows Imaging Component affected versions not specified Description: The Windows Imaging Component contains a flaw in its resource handling. This issue allows a local attacker to disclose information. The vulnerability enables attackers to...
PDQ Smart Deploy 安全漏洞
PDQ Smart Deploy is a Windows device imaging and deployment software from PDQ Corporation. A security vulnerability exists in PDQ Smart Deploy version 3.0.2040, which stems from improper permissions on the HKLMSYSTEMSetupSmartDeploy component, and could lead to execution of arbitrary code by a...
CVE-2025-47980
Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclose information locally...
CVE-2025-47980
Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclose information locally...
CVE-2025-47980
Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclose information locally...