20 matches found
CVE-2019-25736
LabF nfsAxe 3.7 Ping Client contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in the Host IP field. Attackers can craft a specially formatted input file with shellcode and overwrite the return address to execute calc.ex...
CVE-2018-25423
Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a malicious buffer of 700 bytes into the IP address or domain input field to trigger a denial of service condition...
CVE-2018-25295
ObserverIP Scan Tool 1.4.0.1 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the IP input field. Attackers can paste a 2000-byte buffer of repeated characters into the IP field and trigger a search operati...
CVE-2016-20050
NetSchedScan 1.0 contains a buffer overflow vulnerability in the scan Hostname/IP field that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a crafted payload containing 388 bytes of data followed by 4 bytes of EIP overwrite into the...
SolarWinds FTP Voyager Buffer Error Vulnerability
SolarWinds FTP Voyager is an FTP client software developed by the American company SolarWinds. Version 16.2.0 of SolarWinds FTP Voyager contains a buffer overflow vulnerability. This vulnerability arises from improper handling of data in the IP field of the site configuration file. It is possible...
CVE-2019-25232 NetPCLinker 1.0.0.0 - Buffer Overflow
NetPCLinker 1.0.0.0 contains a buffer overflow vulnerability in the Clients Control Panel DNS/IP field that allows attackers to execute arbitrary shellcode. Attackers can craft a malicious payload in the DNS/IP input to overwrite SEH handlers and execute shellcode when adding a new client...
EUVD-2023-2624
Malicious code in bioql PyPI...
DEBIAN-CVE-2024-22120
Zabbix server can perform command execution for configured scripts. After the command is executed, an audit entry is added to the "Audit Log". Because the "clientip" field is not sanitized, it is possible to inject SQL into "clientip" and exploit time-based blind SQL injection...
CVE-2024-28639
Buffer overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022 allows remote attackers to execute arbitrary code and cause a denial of service (DoS) via the IP field...
CVE-2024-28639
Buffer overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022 allows remote attackers to execute arbitrary code and cause a denial of service (DoS) via the IP field...
TOTOLINK X5000R, A7000R Security Vulnerability
TOTOLINK X5000R is a router. TOTOLINK A7000R is a wireless router. A buffer overflow vulnerability exists in the TOTOLINK X5000R and A7000R. The vulnerability originates from the sub41F7E8 function in the /www/cgi bin/cstegi.cgi file copying the contents of the IP field without checking the data...
CVE-2024-28639
Buffer overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022 allows remote attackers to execute arbitrary code and cause a denial of service (DoS) via the IP field...
CVE-2021-25736 Windows kube-proxy LoadBalancer contention
Kube-proxy on Windows can unintentionally forward traffic to local processes listening on the same port “spec.ports.port” as a LoadBalancer Service when the LoadBalancer controller does not set the “status.loadBalancer.ingress.ip” field. Clusters where the LoadBalancer controller sets the...
D-Link DIR-816 A2 Buffer Error Vulnerability
The D-Link DIR-816 is a wireless AC750 dual-band router. A stack buffer overflow vulnerability exists in the handler function of /goform/addassignment in the D-Link DIR-816 A2 version 1.10 B05. An attacker can exploit the vulnerability by entering long text in the sip and smac fields to cause the...
CVE-2019-14259
On the Polycom Obihai Obi1022 VoIP phone with firmware 5.1.11, a command injection missing input validation issue in the NTP server IP address field for the "Time Service Settings web" interface allows an authenticated remote attacker in the same network to trigger OS commands via shell commands ...
DSScan 1.0 - Local Buffer Overflow (PoC)
#!/usr/bin/python Exploit Title : DSScan v1.0 Hostname/IP Field SEH Overwrite POC Discovery by : Anurag Srivastava Website : http://pyramidcyber.com/ Discovery Date : 18/08/2017 Software Link : https://www.mcafee.com/in/downloads/free-tools/dsscan.aspx...
CIScan 1.00 SEH Overwrite
#!/usr/bin/python Exploit Title : CIScanv1.00 Hostname/IP Field SEH Overwrite POC Discovery by : Nipun Jaswal Discovery Date : 11/05/2016 Software Link : http://www.mcafee.com/us/downloads/free-tools/ciscan.aspx Tested Version : 1.00 Vulnerability Type: SEH Overwrite...
CVE-2010-2292
Cross-site scripting (XSS) vulnerability in the Ping tools web interface in Dlink Di-604 router allows remote attackers to inject arbitrary web script or HTML via the IP field...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the Ping tools web interface in Dlink Di-604 router allows remote attackers to inject arbitrary web script or HTML via the IP field...
CVE-2010-2292
CVE-2010-2292 is a cross-site scripting (XSS) vulnerability in the Ping tools web interface of the D-Link Di-604 router. The issue allows remote attackers to inject arbitrary web script or HTML via the IP field. According to the NVD entry, the vulnerability has a CVSS v2 base score of 4.3 (Medium...