205476 matches found
CVE-2018-25258
RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can craft malicious input in the Language for menus and messages field to trigger a stack-based...
CVE-2019-25705 Echo Mirage 3.1 Stack Buffer Overflow via Rules Action Field
Echo Mirage 3.1 contains a stack buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying an oversized string in the Rules action field. Attackers can create a malicious text file with a crafted payload exceeding buffer boundaries a...
CVE-2019-25705
Echo Mirage 3.1 is affected by a stack buffer overflow in the Rules action field. A local attacker can cause a crash or arbitrary code execution by supplying an oversized string via the Rules dialog (crafting a payload in a text file and pasting into the action field). This overflow can overwrite...
CVE-2019-25701
CVE-2019-25701 affects Easy Video to iPod Converter 1.6.20. The issue is a local buffer overflow in the user registration field, where a crafted payload exceeding 996 bytes in the username can trigger an SEH overwrite and allow an attacker to execute arbitrary code with user privileges. Documents...
CVE-2019-25701
Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers can input a crafted payload exceeding 996 bytes in the username field to trigger SEH overwrite and...
CVE-2019-25701 Easy Video to iPod Converter 1.6.20 Local Buffer Overflow SEH
Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers can input a crafted payload exceeding 996 bytes in the username field to trigger SEH overwrite and...
CVE-2019-25701 Easy Video to iPod Converter 1.6.20 Local Buffer Overflow SEH
Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers can input a crafted payload exceeding 996 bytes in the username field to trigger SEH overwrite and...
CVE-2019-25695 R 3.4.4 Local Buffer Overflow Windows XP SP3
R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences language field. Attackers can craft a payload with a 292-byte offset and JMP ESP instruction to execute commands like calc.exe when the...
CVE-2019-25695
The CVE-2019-25695 entry affects R 3.4.4, describing a local buffer overflow in the GUI Preferences language field. The root cause is improper handling of input in that field, enabling a local attacker to execute arbitrary code by pasting a crafted payload that uses a 292-byte offset and a JMP ES...
CVE-2019-25695 R 3.4.4 Local Buffer Overflow Windows XP SP3
R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences language field. Attackers can craft a payload with a 292-byte offset and JMP ESP instruction to execute commands like calc.exe when the...
CVE-2019-25689 HTML5 Video Player 1.2.5 Local Buffer Overflow Non-SEH
HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized key code string. Attackers can craft a malicious payload exceeding 997 bytes and paste it into the KEY CODE field in the Help Register dialog to trigge...
CVE-2019-25691
CVE-2019-25691 affects Faleemi Desktop Software 1.8. The vulnerability is a local buffer overflow in the System Setup dialog that enables DEP bypass through structured exception handling. An attacker can inject a crafted payload into the Save Path for Snapshot and Record file field to trigger a b...
CVE-2018-25258
CVE-2018-25258 affects RGui 3.5.0. The issue is a local buffer overflow in the GUI preferences dialog, enabling DEP bypass via structured exception handling and a stack-based overflow triggered by input in the Language for menus and messages field. This can be exploited to construct a ROP chain f...
CVE-2018-25258 RGui 3.5.0 Local Buffer Overflow SEH DEP Bypass
RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can craft malicious input in the Language for menus and messages field to trigger a stack-based...
CVE-2018-25258
RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can craft malicious input in the Language for menus and messages field to trigger a stack-based...
CVE-2018-25258 RGui 3.5.0 Local Buffer Overflow SEH DEP Bypass
RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can craft malicious input in the Language for menus and messages field to trigger a stack-based...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection in the SpelHelper.parseExpression function of the /warm-flow/save-json endpoint when handling the listenerPath, skipCondition, or permissionFlag arguments. An attacker can execute arbitrary code by supplying...
Arbitrary Code Injection
Overview AstrBot is a 易上手的多平台 LLM 聊天机器人及开发框架 Affected versions of this package are vulnerable to Arbitrary Code Injection via the installpluginupload function. An attacker can execute unauthorized code and potentially compromise the application by uploading a crafted file to the affected endpoint...
Arbitrary Code Injection
Overview AstrBot is a 易上手的多平台 LLM 聊天机器人及开发框架 Affected versions of this package are vulnerable to Arbitrary Code Injection via the addmcpserver function in the MCP Endpoint component when processing untrusted input in the command argument. An attacker can execute arbitrary system commands by...
Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2026-34621 , carries a CVSS score of 8.6 out of 10.0. Successful exploitation of the flaw could allow an...