CVE-2016-20040

TiEmu 3.03-nogdb+dfsg-3 contains a buffer overflow vulnerability in the ROM parameter handling that allows local attackers to crash the application or execute arbitrary code. Attackers can supply an oversized ROM parameter to the tiemu command-line interface to overflow the stack buffer and...

UBUNTU-CVE-2016-20037

xwpe 1.5.30a-2.1 and prior contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying overly long input strings that exceed buffer boundaries. Attackers can craft malicious command-line arguments with 262 bytes of junk data followed by...

CVE-2017-20225 TiEmu 2.08 Stack-Based Buffer Overflow Vulnerability

TiEmu 2.08 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Attackers can trigger the overflow through command-line arguments passed to the application, leveraging ROP...

CVE-2017-20225

CVE-2017-20225 affects TiEmu 2.08 and earlier. The issue is a stack-based buffer overflow caused by inadequate boundary checks on user-supplied input, triggered by command-line arguments. An attacker can leverage this to execute arbitrary code within the application context, using ROP gadgets to ...

CVE-2017-20225

TiEmu 2.08 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Attackers can trigger the overflow through command-line arguments passed to the application, leveraging ROP...

CVE-2017-20225 TiEmu 2.08 Stack-Based Buffer Overflow Vulnerability

TiEmu 2.08 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Attackers can trigger the overflow through command-line arguments passed to the application, leveraging ROP...

CVE-2016-20045

CVE-2016-20045 affects HNB Organizer 1.9.18-10 and describes a local buffer overflow via the -rc command-line parameter. The vulnerability allows a local attacker to execute arbitrary code by supplying an input string exceeding about 108 bytes containing shellcode and a return address to overwrit...

CVE-2016-20042

CVE-2016-20042 describes a local stack buffer overflow in TRN 3.6-23 that allows local attackers to execute arbitrary code by supplying an oversized command-line argument. The payload pattern is 156 bytes of padding followed by a return address to overwrite the instruction pointer and run shellco...

CVE-2016-20041 Yasr 0.6.9-5 Buffer Overflow via Command-line Parameter

Yasr 0.6.9-5 contains a buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying an oversized argument to the -p parameter. Attackers can invoke yasr with a crafted payload containing junk data, shellcode, and a return address to...

CVE-2016-20040

CVE-2016-20040 affects TiEmu 3.03-nogdb+dfsg-3. A local overflow exists in the ROM parameter handling that allows a local attacker to crash the application or execute arbitrary code by supplying an oversized ROM parameter to the tiemu CLI, overflowing a stack buffer and overwriting the instructio...

CVE-2016-20040

TiEmu 3.03-nogdb+dfsg-3 contains a buffer overflow vulnerability in the ROM parameter handling that allows local attackers to crash the application or execute arbitrary code. Attackers can supply an oversized ROM parameter to the tiemu command-line interface to overflow the stack buffer and...

CVE-2016-20040 TiEmu 3.03-nogdb+dfsg-3 Buffer Overflow via ROM Parameter

TiEmu 3.03-nogdb+dfsg-3 contains a buffer overflow vulnerability in the ROM parameter handling that allows local attackers to crash the application or execute arbitrary code. Attackers can supply an oversized ROM parameter to the tiemu command-line interface to overflow the stack buffer and...

CVE-2016-20038 yTree 1.94-1.1 Stack-Based Buffer Overflow

yTree 1.94-1.1 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an excessively long argument to the application. Attackers can craft a malicious command-line argument containing shellcode and a return address to overwrite the...

CVE-2016-20038

CVE-2016-20038 affects yTree 1.94-1.1 and is caused by a stack-based buffer overflow triggered by an excessively long command-line argument. This allows a local attacker to execute arbitrary code by injecting shellcode and a crafted return address to overwrite the stack. Exploitation is described...

CVE-2016-20038

yTree 1.94-1.1 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an excessively long argument to the application. Attackers can craft a malicious command-line argument containing shellcode and a return address to overwrite the...

CVE-2016-20037

xwpe 1.5.30a-2.1 and prior contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying overly long input strings that exceed buffer boundaries. Attackers can craft malicious command-line arguments with 262 bytes of junk data followed by...

CVE-2026-2442 Pagelayer <= 2.0.7 - Improper Neutralization of CRLF Sequences to Unauthenticated Email Header Injection via 'email'

The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Improper Neutralization of CRLF Sequences 'CRLF Injection' in all versions up to, and including, 2.0.7. This is due to the contact form handler performing placeholder substitution on...

WordPress plugin Pagelayer 注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

NewStart CGSL MAIN 7.02 : openssh Multiple Vulnerabilities (NS-SA-2026-0036)

The remote NewStart CGSL host, running version MAIN 7.02, has openssh packages installed that are affected by multiple vulnerabilities: - ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used. CVE-2025-61985 - ssh ...

CVE-2026-33628

Invoice Ninja is a source-available invoice, quote, project and time-tracking app built with Laravel. Invoice line item descriptions in Invoice Ninja v5.13.0 bypass the XSS denylist filter, allowing stored XSS payloads to execute when invoices are rendered in the PDF preview or client portal. The...