99 matches found
EUVD-2026-41404
A shellcode injection in the mercurial handler of the obs tarscm source service before version 0.12.4 could be used by attackers able to provide a service file to execute code as the source service or the local user checking out the malicious services...
CVE-2026-56004
A shellcode injection in the mercurial handler of the obs tarscm source service before version 0.12.4 could be used by attackers able to provide a service file to execute code as the source service or the local user checking out the malicious services...
PT-2026-55256
Name of the Vulnerable Software and Affected Versions obs tar scm source service versions prior to 0.12.4 Description A shellcode injection exists in the mercurial handler of the source service. Attackers who can provide a crafted service file can execute arbitrary code as the source service or t...
Malicious code in analysis-chart (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1ab4349bcc1e8f4434817d242b136f6e6050d4acb234aa833d81ffd74942066 The package's postinstall hook install-hook.js, invoked via package.json scripts.postinstall fetches an opaque binary 'payload.bin' from...
CVE-2018-25355
Audiograbber 1.83 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious input in the Interpret or Album fields that triggers a buffer overflow, overwriting SEH pointers a...
CVE-2018-25307
SysGauge Pro 4.6.12 contains a local buffer overflow vulnerability in the Register function that allows local attackers to overwrite the structured exception handler by supplying a crafted unlock key. Attackers can inject shellcode through the Unlock Key field during registration to execute...
CVE-2018-25307
SysGauge Pro 4.6.12 has a local buffer overflow in the Register function that allows an attacker to overwrite the Structured Exception Handler by providing a crafted unlock key. The vulnerability enables shellcode injection via the Unlock Key field during registration, resulting in arbitrary code...
Flexense SysGauge Pro 安全漏洞
Flexense SysGauge Pro is a system analysis tool developed by Flexense Corporation, designed for real-time monitoring of system performance and resource usage. Version 4.6.12 of Flexense SysGauge Pro contains a security vulnerability. This vulnerability stems from a local buffer overflow in the...
binary-exploitation-writeups
Binary Exploitation Writeups A collection of pwn challenges c...
CVE-2018-25213
CVE-2018-25213 affects Nsauditor 3.0.28.0. The vulnerability is a structured exception handling (SEH) buffer overflow in the DNS Lookup tool that enables local attackers to achieve code execution with the application’s privileges by supplying specially crafted input to the DNS Query field. The de...
EUVD-2019-20014
X-NetStat Pro 5.63 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the EIP register through a 264-byte buffer overflow. Attackers can inject shellcode into memory and use an egg hunter technique to locate and execute the payload...
EUVD-2019-19998
AIDA64 Extreme 5.99.4900 contains a structured exception handler buffer overflow vulnerability in the logging functionality that allows local attackers to execute arbitrary code by supplying a malicious CSV log file path. Attackers can inject shellcode through the Hardware Monitoring logging...
CVE-2019-25637
X-NetStat Pro 5.63 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the EIP register through a 264-byte buffer overflow. Attackers can inject shellcode into memory and use an egg hunter technique to locate and execute the payload...
EUVD-2019-19959
JetAudio jetCast Server 2.0 contains a stack-based buffer overflow vulnerability in the Log Directory configuration field that allows local attackers to overwrite structured exception handling pointers. Attackers can inject alphanumeric encoded shellcode through the Log Directory field to trigger...
CVE-2019-25619
The CVE-2019-25619 case affects FTP Shell Server 6.83. A buffer overflow is triggered in the 'Account name to ban' field, enabling local attackers to execute arbitrary code by supplying a crafted string. The account name parameter in the Manage FTP Accounts dialog can be used to inject shellcode ...
CVE-2019-25609
JetAudio jetCast Server 2.0 contains a stack-based buffer overflow vulnerability in the Log Directory configuration field that allows local attackers to overwrite structured exception handling pointers. Attackers can inject alphanumeric encoded shellcode through the Log Directory field to trigger...
PT-2026-26997
JetAudio jetCast Server 2.0 contains a stack-based buffer overflow vulnerability in the Log Directory configuration field that allows local attackers to overwrite structured exception handling pointers. Attackers can inject alphanumeric encoded shellcode through the Log Directory field to trigger...
PT-2026-27007
FTP Shell Server 6.83 contains a buffer overflow vulnerability in the 'Account name to ban' field that allows local attackers to execute arbitrary code by supplying a crafted string. Attackers can inject shellcode through the account name parameter in the Manage FTP Accounts dialog to overwrite t...
ShellExploit
This project is no longer supported PowerSploit is a col...
Vulnserver-Buffer-Overflow-Automation
Vulnserver-Buffer-Overflow-Automation A modular Python 3 autom...