CVE-2019-25603 TuneClone 2.20 Structured Exception Handler Buffer Overflow

TuneClone 2.20 contains a structured exception handler SEH buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license code string. Attackers can craft a payload with a controlled buffer, NSEH jump instruction, and SEH handler address...

TuneClone 缓冲区错误漏洞

TuneClone is an audio conversion tool developed by the TuneClone company. Version 2.20 of TuneClone contains a buffer error vulnerability, which stems from a buffer overflow in the structured exception handler. This vulnerability could allow local attackers to execute arbitrary code by providing...

CVE-2020-36936 Magic Mouse 2 utilities 2.20 - 'magicmouse2service' Unquoted Service Path

Magic Mouse 2 Utilities 2.20 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path to inject malicious executables and gain elevated system privileges by placing a malicious file in the service path...

TencentOS Server 4: net-tools (TSSA-2025:0379)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0379 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2025-46836)

net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. Inn versions up to and including 2.10, the Linux network utilities like ifconfig from the net-tools package do not properly validate the structure of /proc files when...

CVE-2025-52736

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Daman Jeet Finale Lite finale-woocommerce-sales-countdown-timer-discount allows Reflected XSS.This issue affects Finale Lite: from n/a through = 2.20.0...

EUVD-2013-7187

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-17353

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scm/define-stencil-commands.scm in LilyPond through 2.20.0, and 2.21.x through 2.21.4, when -dsafe is used, lacks restrictions on embedded-ps and embedded-svg, ...

Linux Distros Unpatched Vulnerability : CVE-2025-46836

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. Inn versions up to and includi...

CVE-2014-125114

A stack-based buffer overflow vulnerability exists in i-Ftp version 2.20 due to improper handling of the Time attribute within Schedule.xml. By placing a specially crafted Schedule.xml file in the i-Ftp application directory, a remote attacker can trigger a buffer overflow during scheduled downlo...

CVE-2014-125114 i-Ftp 2.20 Schedule.xml Stack-Based Buffer Overflow

A stack-based buffer overflow vulnerability exists in i-Ftp version 2.20 due to improper handling of the Time attribute within Schedule.xml. By placing a specially crafted Schedule.xml file in the i-Ftp application directory, a remote attacker can trigger a buffer overflow during scheduled downlo...

PT-2024-27710 · Htop · Htop

Name of the Vulnerable Software and Affected Versions: htop-dev htop version 2.20 Description: An issue in htop-dev htop allows a local attacker to cause an out-of-bounds access in the Header populateFromSettings function. Recommendations: For version 2.20, consider disabling the Header...

Mozilla: MozillaVPN: Elevation of Privilege via a Race Condition Vulnerability

A race condition vulnerability was discovered in Mozilla VPN that led to local privilege escalation to root on macOS. The vulnerability existed during the installation or update process, where a local attacker could replace the VPN binary with a malicious one that would execute as root. The issue...

CVE-2023-28611

Incorrect authorization in OMICRON StationGuard 1.10 through 2.20 and StationScout 1.30 through 2.20 allows an attacker to bypass intended access restrictions...

GHSA-RF92-3VJR-W628 Improper Authentication in Jenkins Active Directory Plugin

Jenkins Active Directory Plugin implements two separate modes: Integration with ADSI on Windows, and an OS agnostic LDAP-based mode. The LDAP-based mode in Active Directory Plugin starting in version 1.44 and prior to versions 2.16.1 and 2.20 shares code between user lookup and user authenticatio...

Tuneclone 2.20 - Local SEH Buffer Overflow

Tuneclone 2.20 - Local SEH Buffer Overflow Exploit Title: TuneClone Local Seh Exploit Date: 19.06.2019 Vendor Homepage: http://www.tuneclone.com/ Software Link: http://www.tuneclone.com/tuneclonesetup.exe Exploit Author: Achilles Tested Version: 2.20 Tested on: Windows XP SP3 EN 1.- Run python co...

CG-WGR1200 Security Bypass Vulnerability

The CG-WGR1200 is a wired LAN broadband router. A security bypass vulnerability exists in the CG-WGR1200 firmware version 2.20 and earlier, which can be exploited by an attacker to change the login password...

JVN#15201064: Multiple vulnerabilities in CG-WGR1200

CG-WGR1200 provided by Corega Inc is a wireless LAN router. CG-WGR1200 contains multiple vulnerabilities listed below. Buffer Overflow CWE-119 - CVE-2017-10852 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H| Base Score: 8.8 CVSS v2|...

Scientific Linux Security Update : grep on SL6.x i386/x86_64 (20150722)

An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way grep parsed large lines of data. An attacker able to trick a user into running grep on a specially crafted data file could use this flaw to crash grep or, potentially, execute arbitrary code with the privilege...

CentOS 6 : grep (CESA-2015:1447)

Updated grep packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Low security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...