CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/03/28 11:58 a.m.•7 views

CVE-2017-20227 JAD 1.5.8e-1kali1 Stack-Based Buffer Overflow

9.8CVSS6.6AI score0.00668EPSS

Cvelist•added 2026/03/28 11:58 a.m.•23 views

CVE-2017-20225 TiEmu 2.08 Stack-Based Buffer Overflow Vulnerability

TiEmu 2.08 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Attackers can trigger the overflow through command-line arguments passed to the application, leveraging ROP...

9.8CVSS0.00796EPSS

ATTACKERKB•added 2026/03/28 11:58 a.m.•3 views

CVE-2016-20049

JAD 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft malicious input strings exceeding 8150 bytes to overflow the stack, overwrite return...

9.8CVSS6.6AI score0.00668EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2026/03/28 11:58 a.m.•5 views

CVE-2017-20225 TiEmu 2.08 Stack-Based Buffer Overflow Vulnerability

9.8CVSS6.6AI score0.00796EPSS

CVE•added 2026/03/28 11:58 a.m.•8 views

CVE-2016-20046

CVE-2016-20046 concerns zFTP Client 20061220+dfsg3-4.1, which reportedly contains a local buffer overflow in the NAME parameter handling of FTP connections. An oversized NAME value can overflow an 80-byte buffer allocated in strcpy_chk, potentially overwriting the instruction pointer and enabling...

8.6CVSS6.3AI score0.0015EPSS

Cvelist•added 2026/03/28 11:58 a.m.•32 views

CVE-2016-20046 zFTP Client 20061220+dfsg3-4.1 Local Buffer Overflow

zFTP Client 20061220+dfsg3-4.1 contains a buffer overflow vulnerability in the NAME parameter handling of FTP connections that allows local attackers to crash the application or execute arbitrary code. Attackers can supply an oversized NAME value exceeding the 80-byte buffer allocated in strcpych...

8.6CVSS0.0015EPSS

Vulnrichment•added 2026/03/28 11:58 a.m.•1 views

CVE-2016-20046 zFTP Client 20061220+dfsg3-4.1 Local Buffer Overflow

8.6CVSS6.3AI score0.0015EPSS

CVE•added 2026/03/28 11:58 a.m.•6 views

CVE-2016-20044

CVE-2016-20044 concerns PInfo 0.6.9-5.1, where a local buffer overflow via the -m parameter allows a local attacker to execute arbitrary code. The advisory describes crafting input with 564 bytes of padding followed by a return address to overwrite the instruction pointer and run shellcode with t...

8.6CVSS6.4AI score0.00241EPSS

Exploits1References3Affected Software1

Cvelist•added 2026/03/28 11:58 a.m.•31 views

CVE-2016-20044 PInfo 0.6.9-5.1 Local Buffer Overflow via -m Parameter

PInfo 0.6.9-5.1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -m parameter. Attackers can craft a malicious input string with 564 bytes of padding followed by a return address to overwrite the...

8.6CVSS0.00241EPSS

CVE•added 2026/03/28 11:58 a.m.•8 views

CVE-2016-20041

Yasr 0.6.9-5 contains a buffer overflow via the -p command-line parameter, enabling local attackers to crash the app or execute arbitrary code by sending a crafted payload (junk data, shellcode, return address) to overwrite the stack. Impact is local code execution with high confidentiality/integ...

8.6CVSS6.4AI score0.00163EPSS

Vulnrichment•added 2026/03/28 11:58 a.m.•1 views

CVE-2016-20041 Yasr 0.6.9-5 Buffer Overflow via Command-line Parameter

Yasr 0.6.9-5 contains a buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying an oversized argument to the -p parameter. Attackers can invoke yasr with a crafted payload containing junk data, shellcode, and a return address to...

8.6CVSS6.4AI score0.00163EPSS

CVE•added 2026/03/28 11:58 a.m.•5 views

CVE-2016-20040

CVE-2016-20040 affects TiEmu 3.03-nogdb+dfsg-3. A local overflow exists in the ROM parameter handling that allows a local attacker to crash the application or execute arbitrary code by supplying an oversized ROM parameter to the tiemu CLI, overflowing a stack buffer and overwriting the instructio...

8.6CVSS6.3AI score0.00163EPSS

RedhatCVE•added 2026/03/28 10:51 a.m.•6 views

CVE-2026-32669

Code injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary code may be executed on the products...

9.8CVSS7.3AI score0.00266EPSS

RedhatCVE•added 2026/03/28 10:51 a.m.•4 views

CVE-2026-22738

In Spring AI, a SpEL injection vulnerability exists in SimpleVectorStore when a user-supplied value is used as a filter expression key. A malicious actor could exploit this to execute arbitrary code. Only applications that use SimpleVectorStore and pass user-supplied input as a filter expression...

9.8CVSS6.1AI score0.00821EPSS

ATTACKERKB•added 2026/03/28 6:0 a.m.•4 views

CVE-2025-15445

The Restaurant Cafeteria WordPress theme through 0.4.6 exposes insecure admin-ajax actions without nonce or capability checks, allowing any logged-in user, like subscriber, to perform privileged operations. An attacker can install and activate a from a user-supplied URL, leading to arbitrary PHP...

5.4CVSS6AI score0.0022EPSS

CVE•added 2026/03/28 6:0 a.m.•12 views

CVE-2025-15445

The CVE-2025-15445 entry relates to the WordPress theme Restaurant Cafeteria up to version 0.4.6. The issue is insecure admin-ajax actions that lack nonce or capability checks, enabling any logged-in user (e.g., a subscriber) to perform privileged operations. The documented impact includes arbitr...

5.4CVSS6AI score0.0022EPSS