255 matches found
EUVD-2016-10839
TRN 3.6-23 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the application. Attackers can craft a malicious command-line argument with 156 bytes of padding followed by a return address to overwrite the...
CVE-2016-20043
NRSS RSS Reader 0.3.9-1 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -F parameter. Attackers can craft a malicious input with 256 bytes of padding followed by a controlled EIP value to overwrite the...
UBUNTU-CVE-2018-25222
SC v7.16 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft malicious input strings exceeding 1052 bytes to overwrite the instruction pointer and execute...
CVE-2016-20044
PInfo 0.6.9-5.1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -m parameter. Attackers can craft a malicious input string with 564 bytes of padding followed by a return address to overwrite the...
CVE-2018-25222 SC v7.16 Stack-Based Buffer Overflow Remote Code Execution
SC v7.16 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft malicious input strings exceeding 1052 bytes to overwrite the instruction pointer and execute...
CVE-2016-20047
CVE-2016-20047 affects EKG Gadu 1.9~pre+r2855-3+b1. A local vulnerability arises from a buffer overflow in username handling, triggered by a crafted oversized username string. The overflow occurs in a call to strlcpy when an input buffer exceeds 258 bytes, enabling an attacker to overwrite the in...
CVE-2016-20046 zFTP Client 20061220+dfsg3-4.1 Local Buffer Overflow
zFTP Client 20061220+dfsg3-4.1 contains a buffer overflow vulnerability in the NAME parameter handling of FTP connections that allows local attackers to crash the application or execute arbitrary code. Attackers can supply an oversized NAME value exceeding the 80-byte buffer allocated in strcpych...
CVE-2019-25637
X-NetStat Pro 5.63 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the EIP register through a 264-byte buffer overflow. Attackers can inject shellcode into memory and use an egg hunter technique to locate and execute the payload...
Fresh X-NetStat Pro 缓冲区错误漏洞
Fresh X-NetStat Pro is a network connection status monitoring tool developed by Fresh Corporation. Version X-NetStat Pro 5.63 contains a buffer error vulnerability, which stems from a local buffer overflow. This vulnerability could allow local attackers to exploit the overflow in the 264-byte...
PT-2026-27371
X-NetStat Pro 5.63 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the EIP register through a 264-byte buffer overflow. Attackers can inject shellcode into memory and use an egg hunter technique to locate and execute the payload...
CVE-2019-25332
FTP Commander Pro 8.03 contains a local stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting the EIP register through a custom command input. Attackers can craft a malicious payload of 4108 bytes to overwrite memory and execute shellcode, demonstrating remot...
CVE-2019-25332
FTP Commander Pro 8.03 contains a local stack overflow vulnerability that allows arbitrary code execution by overwriting the EIP register through a crafted command input; a 4108-byte payload can overwrite memory and execute shellcode. CVSS metrics indicate impact and exploitability (CVSS v4.0: ba...
CVE-2020-37159
Parallaxis Cuckoo Clock 5.0 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting memory registers in the alarm scheduling feature. Attackers can craft a malicious payload exceeding 260 bytes to overwrite EIP and EBP, enabling shellcode execution...
EUVD-2020-30905
BearShare Lite 5.2.5 contains a buffer overflow vulnerability in the Advanced Search keywords input that allows attackers to execute arbitrary code. Attackers can craft a specially designed payload to overwrite the EIP register and execute shellcode by pasting malicious content into the search...
PT-2026-5285
BearShare Lite 5.2.5 contains a buffer overflow vulnerability in the Advanced Search keywords input that allows attackers to execute arbitrary code. Attackers can craft a specially designed payload to overwrite the EIP register and execute shellcode by pasting malicious content into the search...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002179)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002179 advisory. arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial o...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001939)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001939 advisory. The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call tha...
SUSE CVE-2025-68259
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced When re-injecting a soft interrupt from an INT3, INT0, or select INTn instruction, discard the exception and retry the instruction if the code stream is changed...
PT-2025-51672
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the KVM SVM component. Specifically, when re-injecting a soft interrupt from an INT3 instruction, the system may discard the exception and retry t...
KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid
...