3665 matches found
CVE-2019-25615
Lavavo CD Ripper 4.20 contains a structured exception handling SEH buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Activation Name field. Attackers can craft a payload with controlled buffer data, NSEH jump...
CVE-2019-25619
FTP Shell Server 6.83 contains a buffer overflow vulnerability in the 'Account name to ban' field that allows local attackers to execute arbitrary code by supplying a crafted string. Attackers can inject shellcode through the account name parameter in the Manage FTP Accounts dialog to overwrite t...
CVE-2019-25611
MiniFtp contains a buffer overflow vulnerability in the parseconfloadsetting function that allows local attackers to execute arbitrary code by supplying oversized configuration values. Attackers can craft a miniftpd.conf file with values exceeding 128 bytes to overflow stack buffers and overwrite...
CVE-2019-25612
Admin Express 1.2.5.485 contains a local structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an alphanumeric encoded payload in the Folder Path field. Attackers can trigger the vulnerability through the System Compare...
CVE-2019-25619 FTP Shell Server 6.83 Buffer Overflow via Account Name
FTP Shell Server 6.83 contains a buffer overflow vulnerability in the 'Account name to ban' field that allows local attackers to execute arbitrary code by supplying a crafted string. Attackers can inject shellcode through the account name parameter in the Manage FTP Accounts dialog to overwrite t...
CVE-2019-25615
Lavavo CD Ripper 4.20 contains a structured exception handling SEH buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Activation Name field. Attackers can craft a payload with controlled buffer data, NSEH jump...
CVE-2019-25612 Admin Express 1.2.5.485 Local SEH Buffer Overflow via Folder Path
Admin Express 1.2.5.485 contains a local structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an alphanumeric encoded payload in the Folder Path field. Attackers can trigger the vulnerability through the System Compare...
CVE-2019-25612
Admin Express 1.2.5.485 contains a local structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an alphanumeric encoded payload in the Folder Path field. Attackers can trigger the vulnerability through the System Compare...
CVE-2019-25611
CVE-2019-25611 affects MiniFtp (miniftpd). The vulnerability is a stack buffer overflow in the function parseconf_load_setting triggered by oversized configuration values in miniftpd.conf (values >128 bytes). This can allow a local attacker to execute arbitrary code with root privileges. The i...
CVE-2019-25604
CVE-2019-25604 : DVDXPlayer Pro 5.5 has a local buffer overflow vulnerability in which crafted .plf playlist files can overflow a buffer and hijack the SEH chain to execute arbitrary code with application privileges. The issue relies on structured exception handling to gain code execution locally...
CVE-2019-25603 TuneClone 2.20 Structured Exception Handler Buffer Overflow
TuneClone 2.20 contains a structured exception handler SEH buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license code string. Attackers can craft a payload with a controlled buffer, NSEH jump instruction, and SEH handler address...
CVE-2019-25603
TuneClone 2.20 is affected by a local SEH-based buffer overflow vulnerability. A crafted license code string can overflow a buffer, with an NSEH jump and SEH handler address pointing to a ROP gadget to achieve arbitrary code execution and potentially establish a bind shell. The description specif...
CVE-2019-25603 TuneClone 2.20 Structured Exception Handler Buffer Overflow
TuneClone 2.20 contains a structured exception handler SEH buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license code string. Attackers can craft a payload with a controlled buffer, NSEH jump instruction, and SEH handler address...
PT-2026-26995
Axessh 4.2 contains a stack-based buffer overflow vulnerability in the log file name field that allows local attackers to execute arbitrary code by supplying an excessively long filename. Attackers can overflow the buffer at offset 214 bytes to overwrite the instruction pointer and execute...
LabF Axessh 缓冲区错误漏洞
LabF Axessh is a security terminal client software developed by LabF Corporation. Version 4.2 of LabF Axessh contains a buffer overflow vulnerability. This vulnerability stems from a stack-based buffer overflow in the log file name field, which could allow local attackers to execute arbitrary cod...
FTP Shell Server 缓冲区错误漏洞
FTP Shell Server is a secure file transfer server software developed by FTP Shell Inc. Version 6.83 of FTP Shell Server contains a buffer error vulnerability. This vulnerability stems from a buffer overflow in the account name field that needs to be prevented. It may allow local attackers to...
PT-2026-26991
TuneClone 2.20 contains a structured exception handler SEH buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license code string. Attackers can craft a payload with a controlled buffer, NSEH jump instruction, and SEH handler address...
jetAudio 缓冲区错误漏洞
JetAudio is a multimedia player software developed by the JetAudio company. Version 2.0 of JetAudio contains a buffer overflow vulnerability, which stems from a stack-based buffer overflow in the log directory configuration field. This vulnerability could allow local attackers to overwrite...
CVE-2026-25792
Greenshot is an open source Windows screenshot utility. Versions 1.3.312 and below have untrusted executable search path / binary hijacking vulnerability that allows a local attacker to execute arbitrary code when the affected Windows application launches explorer.exe without using an absolute...
CVE-2026-25792
Greenshot is an open source Windows screenshot utility. Versions 1.3.312 and below have untrusted executable search path / binary hijacking vulnerability that allows a local attacker to execute arbitrary code when the affected Windows application launches explorer.exe without using an absolute...