A high-severity heap buffer overflow in the AV1 codec library libaom — tracked as CVE-2025-8879 — has been fixed in the latest Chromium builds; Google pushed the patch in Chrome stable channel updates to versions 139.0.7258.127/.128 (Windows and macOS) and 139.0.7258.127 (Linux), and browser...
Microsoft’s Security Update Guide lists CVE-2025-53783 as a heap-based buffer overflow in Microsoft Teams that “allows an unauthorized attacker to execute code over a network,” but the advisory page requires JavaScript and cannot be fully scraped by some automated tools; independent indexing of...
Microsoft has released security updates addressing a dangerous heap-based buffer overflow in the Windows Routing and Remote Access Service (RRAS) that can allow remote code execution against RRAS-enabled servers; administrators should treat this as a high-priority patching event, verify the...
A heap‑based buffer overflow in Windows Hyper‑V allows a locally authorized attacker to elevate privileges on an affected host — administrators must treat this as a high‑priority patching and hardening task and verify vendor guidance before rolling changes into production. (msrc.microsoft.com)...
Microsoft has released patches for a kernel-mode flaw in the Kernel Streaming WOW Thunk Service Driver—an exploitable heap-based buffer overflow that can allow a locally authorized attacker to escalate privileges to SYSTEM—though the CVE identifier you supplied (CVE-2025-53149) does not appear...
Title: CVE-2025-53131 — What Windows admins need to know about the new Windows Media RCE (heap-based buffer overflow)
Summary (TL;DR)
CVE-2025-53131 is a heap-based buffer overflow in Windows Media components that can allow remote, unauthenticated attackers to execute arbitrary code over a...
CVE-2025-50164 — Heap-based buffer overflow in Windows RRAS: what admins need to know now
TL;DR: Microsoft lists CVE-2025-50164 as a heap-based buffer‑overflow in the Windows Routing and Remote Access Service (RRAS) that can lead to remote code execution. Administrators should treat this as...
A newly disclosed heap-based buffer overflow in the Windows Routing and Remote Access Service (RRAS) — tracked as CVE-2025-50163 — allows remote, unauthenticated attackers to execute arbitrary code over a network against servers running RRAS, elevating the threat posture for any organization...
Microsoft's Security Response Center lists CVE-2025-50161 as a heap-based buffer overflow in the Win32K GRFX subsystem that allows an authorized local attacker to elevate privileges, and administrators should treat this as a high-priority patching item for all affected Windows hosts...
A critical heap-based buffer overflow in the Windows Routing and Remote Access Service (RRAS) has been disclosed that can allow remote code execution over a network—an unauthenticated attacker can potentially execute arbitrary code on vulnerable systems that have RRAS enabled, making prompt...
A heap‑based buffer overflow found in Microsoft Excel, tracked as CVE‑2025‑53741, has been published in Microsoft's Security Update Guide as a vulnerability that can allow an attacker to execute code on a victim machine when a crafted spreadsheet is opened; administrators and users should treat...
A critical CISA advisory warns that multiple Ashlar‑Vellum desktop CAD products — including Cobalt, Xenon, Argon, Lithium and the Cobalt Share collaboration app — contain serious file‑parsing memory‑corruption flaws that can lead to arbitrary code execution; the advisory lists a CVSS v4 base...
As of July 8, 2025, there is no publicly available information regarding a vulnerability identified as CVE-2025-49676 affecting Windows Routing and Remote Access Service (RRAS). It's possible that this CVE has not been disclosed or documented in public databases.
However, several other...
A newly disclosed vulnerability with the identifier CVE-2025-24063 has emerged as a significant security concern for Windows users and system administrators, drawing attention to the underlying complexities of the Windows Kernel Streaming Service Driver and the ever-present risks associated with...
Amidst the ever-evolving landscape of cyber threats and the relentless pace at which new vulnerabilities emerge, proactive defense remains the cornerstone of robust cybersecurity. Recent developments from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have cast a sharp...
arbitrary code
avi files
buffer overflow
critical flaws
cve-2011-2587
cve-2011-2588
cybersecurity
demuxer
exploitation
heapoverflow
hossein lotfi
media player
realmedia
research
secunia
security
software security
tech news
vlc media player
vulnerabilities
The latest updates to Apple's Safari WebKit-based browser, versions 5.0.1 and 4.1.1, include several new features, such as enabling Safari Extensions and introducing the Safari Extensions Gallery,. They also address a number of security vulnerabilities. In total, the Safari updates close 15...
apple
auto-complete
browser
cross-site scripting
data theft
heapoverflow
information disclosure
internet explorer
mac os
malware
memory corruption
safari
security
svg
updates
vulnerabilities
web security
webkit
windows xp
xss
Version 1.0.6 (part of the 'Goldeneye' branch) of the free media player and streamer – VLC media player – eliminates nine security vulnerabilities and offers increased stability. The vulnerabilities were discovered by the developers while working on the code for the upcoming version 1.1.0 and...
audio decoders
decoding
ffmpeg
gnu gpl
h.264
heapoverflow
linux
media streaming
memory errors
mpeg-vc-1
rtmp
security
source code
stability
update
video files
vlc media player
vulnerabilities
windows 7
windows vista
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.