1346 matches found
CVE-2026-5037
A vulnerability was determined in mxml up to 4.0.4. This issue affects the function indexsort of the file mxml-index.c of the component mxmlIndexNew. Executing a manipulation of the argument tempr can lead to stack-based buffer overflow. The attack is restricted to local execution. The exploit ha...
UBUNTU-CVE-2016-20043
NRSS RSS Reader 0.3.9-1 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -F parameter. Attackers can craft a malicious input with 256 bytes of padding followed by a controlled EIP value to overwrite the...
UBUNTU-CVE-2016-20044
PInfo 0.6.9-5.1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -m parameter. Attackers can craft a malicious input string with 564 bytes of padding followed by a return address to overwrite the...
UBUNTU-CVE-2016-20048
iSelect 1.4.0-2+b1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized value to the -k/--key parameter. Attackers can craft a malicious argument containing a NOP sled, shellcode, and return address to overflow a 1024-byte...
CVE-2016-20047 EKG Gadu 1.9 Local Buffer Overflow via Username Parameter
EKG Gadu 1.9pre+r2855-3+b1 contains a local buffer overflow vulnerability in the username handling that allows local attackers to execute arbitrary code by supplying an oversized username string. Attackers can trigger the overflow in the strlcpy function by passing a crafted buffer exceeding 258...
CVE-2026-4993
A vulnerability has been found in wandb OpenUI up to 0.0.0.0/1.0. This impacts an unknown function of the file backend/openui/config.py. The manipulation of the argument LITELLMMASTERKEY leads to hard-coded credentials. An attack has to be approached locally. The exploit has been disclosed to the...
PT-2026-28230
EKG Gadu 1.9pre+r2855-3+b1 contains a local buffer overflow vulnerability in the username handling that allows local attackers to execute arbitrary code by supplying an oversized username string. Attackers can trigger the overflow in the strlcpy function by passing a crafted buffer exceeding 258...
EUVD-2019-20035
MyVideoConverter Pro 3.14 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying an excessively long string to the registration code input field. Attackers can paste a malicious payload containing 10000 bytes into the 'Copy and Paste Registratio...
CVE-2019-25648
CVE-2019-25648 affects MyVideoConverter Pro 3.14. A local buffer overflow occurs in the registration code input field, where a attacker-supplied payload of about 10,000 bytes can crash the application, causing a Denial of Service. No exploitation details or fixes are provided in the available doc...
CVE-2018-25214
MegaPing contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload to the Destination Address List field in the Finger function. Attackers can paste a crafted buffer exceeding expected input limits into the vulnerable fie...
CVE-2018-25212 Boxoft wav-wma Converter 1.0 Local Buffer Overflow SEH
Boxoft wav-wma Converter 1.0 contains a local buffer overflow vulnerability in structured exception handling that allows attackers to execute arbitrary code by crafting malicious WAV files. Attackers can create a specially crafted WAV file with excessive data and ROP gadgets to overwrite the SEH...
MyVideoConverter Pro 缓冲区错误漏洞
MyVideoConverter Pro is an open-source multi-format video conversion and processing tool developed by Ivideogo. Version 3.14 of MyVideoConverter Pro contains a buffer overflow vulnerability. This vulnerability stems from a local buffer overflow, which could allow attackers to cause the applicatio...
River Past Audio Converter 缓冲区错误漏洞
River Past Audio Converter is an audio format conversion and processing tool developed by River Past Corporation. Version 7.7.16 of River Past Audio Converter has a buffer error vulnerability. This vulnerability stems from a local buffer overflow in the activation code field, which may allow loca...
Iperius Backup 安全漏洞
Iperius Backup is a backup tool developed by the Italian company Iperius Backup. Iperius Backup versions 8.7.3 and earlier have a security vulnerability. This vulnerability stems from insecure permissions when the backup service component creates temporary files, which could lead to local attacks...
PT-2026-28134
Name of the Vulnerable Software and Affected Versions Enter Software Iperius Backup versions through 8.7.3 Description A flaw exists in the Backup Job Configuration File Handler component of Enter Software Iperius Backup. This issue relates to improper privilege management and requires local acce...
Fresh X-NetStat Pro 缓冲区错误漏洞
Fresh X-NetStat Pro is a network connection status monitoring tool developed by Fresh Corporation. Version X-NetStat Pro 5.63 contains a buffer error vulnerability, which stems from a local buffer overflow. This vulnerability could allow local attackers to exploit the overflow in the 264-byte...
FlexHEX 代码问题漏洞
FlexHEX is an open-source hexadecimal data editor developed by FlexHEX. Version 2.71 of FlexHEX contains a code vulnerability caused by a local buffer overflow in the Stream Name field. This vulnerability could allow local attackers to execute arbitrary code by triggering the structured exception...
CVE-2026-4538
A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to deserialization. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The projec...
EUVD-2019-19839
Terminal Services Manager 3.2.1 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying an excessively long string in the computer name field. Attackers can input a 5000-byte buffer of data into the 'Computer name or IP address' field during...
CVE-2019-25554
Tomabo MP4 Converter 3.25.22 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can trigger a buffer overflow by pasting a large payload into the Name parameter when adding a preset i...