CVE-2019-25670

River Past Video Cleaner 7.6.3 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lameenc.dll field. Attackers can craft a payload with 280 bytes of padding, a next structured exception...

CVE-2019-25681

CVE-2019-25681 affects Xlight FTP Server 3.9.1. The issue is a structured exception handler (SEH) overwrite that allows a local attacker to crash the application and overwrite SEH pointers by sending a crafted buffer. Specifically, a 428-byte payload injected via the program execution field in th...

CVE-2019-25681 Xlight FTP Server 3.9.1 SEH Overwrite Buffer Overflow

Xlight FTP Server 3.9.1 contains a structured exception handler SEH overwrite vulnerability that allows local attackers to crash the application and overwrite SEH pointers by supplying a crafted buffer string. Attackers can inject a 428-byte payload through the program execution field in virtual...

CVE-2019-25679 RealTerm Serial Terminal 2.0.0.70 Buffer Overflow SEH

RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling SEH buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain a...

CVE-2019-25679

RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling SEH buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain a...

CVE-2019-25679 RealTerm Serial Terminal 2.0.0.70 Buffer Overflow SEH

RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling SEH buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain a...

CVE-2019-25670

River Past Video Cleaner 7.6.3 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lameenc.dll field. Attackers can craft a payload with 280 bytes of padding, a next structured exception...

CVE-2019-25670 River Past Video Cleaner 7.6.3 Buffer Overflow via SEH

River Past Video Cleaner 7.6.3 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lameenc.dll field. Attackers can craft a payload with 280 bytes of padding, a next structured exception...

CVE-2019-25670

River Past Video Cleaner 7.6.3 is affected by a buffer overflow in the Lame_enc.dll field triggered via a crafted input, enabling local code execution through a structured exception handler (SEH) overwrite with ~280 bytes of padding and shellcode. This is a local/privilege‑requiring vulnerability...

PT-2026-30487

RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling SEH buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain a...

River Past Video Cleaner 缓冲区错误漏洞

River Past Video Cleaner is a software tool developed by River Past Corporation, designed for batch conversion and repair of video formats and timestamps. Version 7.6.3 of River Past Video Cleaner contains a buffer error vulnerability. This vulnerability stems from a buffer overflow in the...

RealTerm Serial Terminal 缓冲区错误漏洞

RealTerm Serial Terminal is a terminal tool software developed by Crun, which supports serial communication, data capture, and debugging. Version 2.0.0.70 of RealTerm Serial Terminal contains a buffer error vulnerability. This vulnerability stems from structured exception handling that leads to a...

EUVD-2018-21754

Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field that allows local attackers to trigger a structured exception handler SEH overwrite. Attackers can craft a malicious payload and paste it into the Socket Port Number field via the Netplay Options menu t...

CVE-2018-25255 10-Strike LANState 8.8 Local Buffer Overflow SEH

10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handling that allows local attackers to execute arbitrary code by crafting malicious LSM map files. Attackers can create a specially formatted LSM file with a payload in the ObjCaption parameter that...

SNES9k 缓冲区错误漏洞

SNES9k is a game emulator developed by darkadonis2. Version 0.0.9z of SNES9k contains a buffer error vulnerability, which stems from a buffer overflow in the Netplay Socket Port Number field. This vulnerability could allow local attackers to execute code by overwriting the structured exception...

10-Strike LANState 缓冲区错误漏洞

10-Strike LANState is a Windows network tool developed by the American company 10-Strike. It is used for network topology scanning, device visualization, and management. Version 8.8 of 10-Strike LANState contains a buffer error vulnerability. This vulnerability stems from improper handling of...

CVE-2026-34725

DbGate is cross-platform database manager. From version 7.0.0 to before version 7.1.5, a stored XSS vulnerability exists in DbGate because attacker-controlled SVG icon strings are rendered as raw HTML without sanitization. In the web UI this allows script execution in another user's browser; in t...

CVE-2026-34725

DbGate is cross-platform database manager. From version 7.0.0 to before version 7.1.5, a stored XSS vulnerability exists in DbGate because attacker-controlled SVG icon strings are rendered as raw HTML without sanitization. In the web UI this allows script execution in another user's browser; in t...

CVE-2026-34725 dbgate-web: Stored XSS in applicationIcon leads to potential RCE in Electron due to unsafe renderer configuration

DbGate is cross-platform database manager. From version 7.0.0 to before version 7.1.5, a stored XSS vulnerability exists in DbGate because attacker-controlled SVG icon strings are rendered as raw HTML without sanitization. In the web UI this allows script execution in another user's browser; in t...

DbGate 代码注入漏洞

DbGate is an open-source database manager developed by DbGate. Versions of DbGate from 7.0.0 to 7.1.5 had a code injection vulnerability. This vulnerability occurred because SVG icon strings controlled by attackers were rendered as raw HTML without being cleaned properly, which could lead to...