Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
20 results
CVE-2025-34096
CRITICAL CVSS 9.3
Find Similar
A stack-based buffer overflow vulnerability exists in Easy File Sharing HTTP Server version 7.2. The flaw is triggered when a crafted POST request is sent to the /sendemail.ghp endpoint containing an
CVE-2024-41147
CRITICAL CVSS 9.8
Find Similar
An out-of-bounds write vulnerability exists in the ma_dr_flac__decode_samples__lpc functionality of Miniaudio miniaudio v0.11.21. A specially crafted .flac file can lead to memory corruption. An attac
CVE-2017-20205
CRITICAL CVSS 9.2
Find Similar
Valve's Source SDK (source-sdk-2013)'s ragdoll model parsing logic contains a stack-based buffer overflow vulnerability.The tokenizer function `nexttoken` copies characters from an input string into a
An arbitrary file upload vulnerability in the opcode 500 functionality of M2Soft CROWNIX Report & ERS v5.x to v5.5.14.1070, v7.x to v7.4.3.960, and v8.x to v8.2.0.345 allows attackers to execute arbit
KV Studio versions 12.23 and prior contain a stack-based buffer overflow vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.
Faleemi Desktop Software 1.8 contains a local buffer overflow vulnerability in the System Setup dialog that allows attackers to bypass DEP protections through structured exception handling exploitatio
A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFE_TBL_ValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfe_tbl_passthru_codec.c. The manipulation
GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreame
Music Player Daemon (MPD) before version 0.24.11 contains a CRLF injection vulnerability in the xspf_char_data function within the XSPF playlist plugin that allows attackers to embed literal CR/LF byt
Axessh 4.2 contains a stack-based buffer overflow vulnerability in the log file name field that allows local attackers to execute arbitrary code by supplying an excessively long filename. Attackers ca
GoldWave 5.70 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by crafting malicious input in the File Open URL dialog. Attackers can generate a specially craft
JetAudio jetCast Server 2.0 contains a stack-based buffer overflow vulnerability in the Log Directory configuration field that allows local attackers to overwrite structured exception handling pointer
FlexHEX 2.71 contains a local buffer overflow vulnerability in the Stream Name field that allows local attackers to execute arbitrary code by triggering a structured exception handler (SEH) overflow.
FTPPad <= 1.2.0 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command co
CVE-2024-44758
CRITICAL CVSS 9.8
Find Similar
An arbitrary file upload vulnerability in the component /Production/UploadFile of NUS-M9 ERP Management Software v3.0.0 allows attackers to execute arbitrary code via uploading crafted files.
FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge.
Quick Player 1.3 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by crafting a malicious .m3l file with carefully constructed payload. Attackers can trigger th
Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers can
PMS 0.42 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arbitrary code by supplying malicious values in the configuration file. Attackers c
gAlan 0.2.1, a modular audio processing environment for Windows, is vulnerable to a stack-based buffer overflow when parsing .galan files. The application fails to properly validate the length of inpu
← Previous Page 5