62 matches found
CVE-2019-25318
AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by manipulating the output folder text input. Attackers can craft a malicious payload that overwrites stack memory and triggers a bind shell on port 9999 when the 'Browse' button ...
CVE-2019-25319
Domain Quester Pro 6.02 contains a stack overflow vulnerability that allows remote attackers to execute arbitrary code by overwriting Structured Exception Handler SEH registers. Attackers can craft a malicious payload targeting the 'Domain Name Keywords' input field to trigger an access violation...
CVE-2019-25318
AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by manipulating the output folder text input. Attackers can craft a malicious payload that overwrites stack memory and triggers a bind shell on port 9999 when the 'Browse' button ...
CVE-2019-25318
AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by manipulating the output folder text input. Attackers can craft a malicious payload that overwrites stack memory and triggers a bind shell on port 9999 when the 'Browse' button ...
CVE-2019-25319 Domain Quester Pro 6.02 - Stack Overflow (SEH)
Domain Quester Pro 6.02 contains a stack overflow vulnerability that allows remote attackers to execute arbitrary code by overwriting Structured Exception Handler SEH registers. Attackers can craft a malicious payload targeting the 'Domain Name Keywords' input field to trigger an access violation...
CVE-2019-25318 AVS Audio Converter 9.1.2.600 - Stack Overflow
AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by manipulating the output folder text input. Attackers can craft a malicious payload that overwrites stack memory and triggers a bind shell on port 9999 when the 'Browse' button ...
CVE-2019-25318
The CVE describes a stack overflow in AVS Audio Converter 9.1.2.600 triggered by manipulating the output folder text input. A crafted payload can overwrite stack memory and execute arbitrary code, resulting in a bind shell on port 9999 when the Browse button is clicked. No remediation details are...
CVE-2019-25319
Domain Quester Pro 6.02 is affected by a stack overflow affecting the Structured Exception Handler (SEH). The vulnerability can be triggered by crafting a malicious payload in the Domain Name Keywords input field, leading to an access violation and remote code execution, including a bind shell on...
CVE-2019-25318 AVS Audio Converter 9.1.2.600 - Stack Overflow
AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by manipulating the output folder text input. Attackers can craft a malicious payload that overwrites stack memory and triggers a bind shell on port 9999 when the 'Browse' button ...
CVE-2019-25319
Domain Quester Pro 6.02 contains a stack overflow vulnerability that allows remote attackers to execute arbitrary code by overwriting Structured Exception Handler SEH registers. Attackers can craft a malicious payload targeting the 'Domain Name Keywords' input field to trigger an access violation...
CVE-2019-25319 Domain Quester Pro 6.02 - Stack Overflow (SEH)
Domain Quester Pro 6.02 contains a stack overflow vulnerability that allows remote attackers to execute arbitrary code by overwriting Structured Exception Handler SEH registers. Attackers can craft a malicious payload targeting the 'Domain Name Keywords' input field to trigger an access violation...
PT-2026-7918
AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by manipulating the output folder text input. Attackers can craft a malicious payload that overwrites stack memory and triggers a bind shell on port 9999 when the 'Browse' button ...
CVE-2024-2318
A vulnerability was found in ZKTeco ZKBio Media 2.0.0x642024-01-29-1028. It has been classified as problematic. Affected is an unknown function of the file /pro/common/download of the component Service Port 9999. The manipulation of the argument fileName with the input ../../../../zkbiomedia.sql...
📄 Remote Trackpad: Virtual Tool 1.5.7 Remote Code Execution
Remote Trackpad: Virtual Tool version 1.5.7 is vulnerable to unauthenticated remote code execution via TCP port 9999. An attacker on the same network can inject simulated keyboard input, allowing arbitrary command execution without user interaction or authentication. Exploit Title: Remote Trackpa...
📄 Computer Mouse: Remote Control 1.1.6 Remote Code Execution
Computer Mouse: Remote Control version 1.1.6 for macOS is vulnerable to unauthenticated remote code execution via TCP port 9999. An attacker on the same network can inject simulated keyboard input, allowing arbitrary command execution without user interaction or authentication. Exploit Title:...
CVE-2021-20140
An unauthenticated command injection vulnerability exists in the parameters of operation 10 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...
CVE-2021-20139
An unauthenticated command injection vulnerability exists in the parameters of operation 3 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to...
CVE-2021-20142
An unauthenticated command injection vulnerability exists in the parameters of operation 41 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...
CVE-2021-20141
An unauthenticated command injection vulnerability exists in the parameters of operation 32 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...
CVE-2020-10920
This vulnerability allows remote attackers to execute arbitrary code on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exists within the control service, which listens on TCP port...