3665 matches found
CVE-2016-20038 yTree 1.94-1.1 Stack-Based Buffer Overflow
yTree 1.94-1.1 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an excessively long argument to the application. Attackers can craft a malicious command-line argument containing shellcode and a return address to overwrite the...
CVE-2016-20037
CVE-2016-20037 describes a stack-based buffer overflow in xwpe 1.5.30a-2.1 and earlier. The vulnerability allows a local attacker to execute arbitrary code by passing overly long input strings that exceed buffer boundaries; attackers can craft command-line arguments with 262 bytes of junk data fo...
CVE-2016-20037
xwpe 1.5.30a-2.1 and prior contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying overly long input strings that exceed buffer boundaries. Attackers can craft malicious command-line arguments with 262 bytes of junk data followed by...
CVE-2016-20037 xwpe 1.5.30a-2.1 Stack-based Buffer Overflow
xwpe 1.5.30a-2.1 and prior contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying overly long input strings that exceed buffer boundaries. Attackers can craft malicious command-line arguments with 262 bytes of junk data followed by...
PT-2026-28229
Name of the Vulnerable Software and Affected Versions zFTP Client version 20061220+dfsg3-4.1 Description A buffer overflow occurs during the handling of the NAME parameter in FTP connections. A local attacker can provide an oversized NAME value that exceeds the 80-byte buffer allocated in the...
PT-2026-28227
NRSS RSS Reader 0.3.9-1 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -F parameter. Attackers can craft a malicious input with 256 bytes of padding followed by a controlled EIP value to overwrite the...
PT-2026-28232
Name of the Vulnerable Software and Affected Versions Mapscrn version 2.0.3 Description A stack-based buffer overflow allows local attackers to execute arbitrary code or cause a denial of service by providing an oversized input buffer. This is achieved by crafting a malicious buffer containing ju...
PT-2026-28226
Name of the Vulnerable Software and Affected Versions TRN version 3.6-23 Description A stack buffer overflow allows local attackers to execute arbitrary code by providing an oversized argument to the application. This is achieved by crafting a malicious command-line argument containing 156 bytes ...
PT-2026-28234
Flat Assembler 1.71.21 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input to the application. Attackers can craft malicious assembly input exceeding 5895 bytes to overwrite the instruction pointer and execute...
Xwpe 缓冲区错误漏洞
Xwpe is a terminal-based text editing and integrated development environment tool developed by Xwpe Corporation. Versions of Xwpe 1.5.30a to 2.1 contained a buffer error vulnerability, which was caused by a stack buffer overflow. This vulnerability could allow local attackers to execute arbitrary...
trn 缓冲区错误漏洞
TRN is a terminal-based news group reading and discussion client tool developed by Wayned. Version TRN 3.6-23 contains a buffer error vulnerability, which stems from a stack buffer overflow. This vulnerability could allow local attackers to execute arbitrary code by providing excessively large...
PInfo 缓冲区错误漏洞
PIInfo is a terminal interface tool used by PInfo company for browsing Info documents. Versions of PInfo from 0.6.9 to 5.1 contain a buffer error vulnerability. This vulnerability stems from a local buffer overflow, which may allow local attackers to execute arbitrary code by providing excessivel...
SC 缓冲区错误漏洞
SC is a software developed by SC OpenSource. Version 7.16 of SC contains a buffer overflow vulnerability, which stems from a stack buffer overflow. This vulnerability could allow local attackers to execute arbitrary code...
Practical Music Search 访问控制错误漏洞
Practical Music Search is a search tool developed by slicer86, designed to support music information retrieval and content indexing. Version 0.42 of Practical Music Search contains an access control error vulnerability, which stems from a stack buffer overflow. This vulnerability could allow...
Flat Assembler 缓冲区错误漏洞
Flat Assembler is an assembly language compiler developed by Tomasz Grysztar, designed to work on multiple platforms. Version 1.71.21 of Flat Assembler contains a buffer overflow vulnerability. This vulnerability stems from a stack buffer overflow, which could allow local attackers to execute...
CVE-2025-41359
Vulnerability related to an unquoted service path in Small HTTP Server 3.06.36, specifically affecting the executable located at 'C:\Program Files x86\shttpsmg\http.exe service'. This misconfiguration allows a local attacker to place a malicious executable with the same name in a higher priority...
EUVD-2018-21692
PDF Explorer 1.5.66.2 contains a structured exception handler SEH overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH records with malicious data. Attackers can craft a payload with buffer overflow, NSEH jump, and ROP gadget chains that execute when the...
EUVD-2019-20039
River Past CamDo 3.7.6 contains a structured exception handler SEH buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lameenc.dll name field. Attackers can craft a payload with a 280-byte buffer, NSEH jump instruction, and SE...
EUVD-2018-21696
PassFab Excel Password Recovery 8.3.1 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in the registration code field. Attackers can craft a buffer overflow payload with a pop-pop-ret gadg...
EUVD-2018-21684
Nsauditor 3.0.28.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input to the DNS Lookup tool. Attackers can craft a payload with SEH chain overwrite and inject shellcode through the DNS Query...