Total
3433 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-36961 | 1 10-strike | 1 Network Inventory Explorer | 2026-03-05 | 9.8 Critical |
| 10-Strike Network Inventory Explorer 8.65 contains a buffer overflow vulnerability in exception handling that allows remote attackers to execute arbitrary code. Attackers can craft a malicious file with 209 bytes of padding and a specially constructed Structured Exception Handler to trigger code execution. | ||||
| CVE-2019-25435 | 1 Sricam | 1 Deviceviewer | 2026-03-05 | 7.8 High |
| Sricam DeviceViewer 3.12.0.1 contains a local buffer overflow vulnerability in the user management add user function that allows authenticated attackers to execute arbitrary code by bypassing data execution prevention. Attackers can inject a malicious payload through the Username field in User Management to trigger a stack-based buffer overflow and execute commands via ROP chain gadgets. | ||||
| CVE-2019-25357 | 1 Webgate | 2 Control Center, Control Center Pro | 2026-03-05 | 8.4 High |
| Control Center PRO 6.2.9 contains a stack-based buffer overflow vulnerability in the user creation module's username field that allows attackers to overwrite Structured Exception Handler (SEH). Attackers can craft a malicious payload exceeding 664 bytes to inject shellcode and potentially execute arbitrary code on vulnerable Windows systems. | ||||
| CVE-2019-25340 | 1 Nsasoft | 2 Nsauditor Spotauditor, Spotauditor | 2026-03-05 | 7.5 High |
| SpotAuditor 5.3.2 contains a denial of service vulnerability in its Base64 decryption feature that allows attackers to crash the application by supplying an oversized buffer. Attackers can generate a malformed input file with 2000 repeated characters to trigger an application crash when pasted into the Base64 Encrypted Password field. | ||||
| CVE-2019-25336 | 1 Nsasoft | 2 Nsauditor Spotauditor, Spotauditor | 2026-03-05 | 8.4 High |
| SpotAuditor 5.3.2 contains a local buffer overflow vulnerability in the Base64 Encrypted Password tool that allows attackers to execute arbitrary code by crafting a malicious payload. Attackers can generate a specially crafted Base64 encoded payload to trigger a Structured Exception Handler (SEH) overwrite and execute shellcode on the vulnerable system. | ||||
| CVE-2019-25331 | 1 Avs4you | 1 Avs Audio Converter | 2026-03-05 | 8.4 High |
| AVS Audio Converter 9.1 contains a local buffer overflow vulnerability that allows local attackers to overwrite CPU registers by manipulating the 'Exit folder' input field. Attackers can craft a specially designed text file with 264 bytes of padding followed by register overwrite values to compromise the application and potentially execute arbitrary code. | ||||
| CVE-2019-25318 | 1 Avs4you | 1 Avs Audio Converter | 2026-03-05 | 8.8 High |
| AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by manipulating the output folder text input. Attackers can craft a malicious payload that overwrites stack memory and triggers a bind shell on port 9999 when the 'Browse' button is clicked. | ||||
| CVE-2019-25434 | 1 Nsasoft | 2 Nsauditor Spotauditor, Spotauditor | 2026-03-05 | 7.5 High |
| SpotAuditor 5.3.1.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting excessive data in the registration name field. Attackers can enter a large string of characters (5000 bytes or more) in the name field during registration to trigger an unhandled exception that crashes the application. | ||||
| CVE-2025-70236 | 2 D-link, Dlink | 3 Dir-513, Dir-513, Dir-513 Firmware | 2026-03-04 | 5.3 Medium |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetDomainFilter. | ||||
| CVE-2026-28422 | 1 Vim | 1 Vim | 2026-03-04 | 2.2 Low |
| Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow occurs in `build_stl_str_hl()` when rendering a statusline with a multi-byte fill character on a very wide terminal. Version 9.2.0078 patches the issue. | ||||
| CVE-2025-69765 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2026-03-04 | 7.5 High |
| Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formGetIptv function and the list parameter, which can cause memory corruption and enable remote code execution. | ||||
| CVE-2026-3400 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2026-03-03 | 8.8 High |
| A security flaw has been discovered in Tenda AC15 up to 15.13.07.13. Affected by this issue is some unknown functionality of the file /goform/TextEditingConversion. The manipulation of the argument wpapsk_crypto2_4g results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2019-25321 | 2 Internet-soft, Softpedia | 2 Ftp Navigator, Ftp Navigator | 2026-03-03 | 9.8 Critical |
| FTP Navigator 8.03 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload that triggers a buffer overflow when pasted into the Custom Command textbox, enabling remote code execution and launching the calculator as proof of concept. | ||||
| CVE-2019-25329 | 1 Internet-soft | 1 Ftp Navigator | 2026-03-03 | 7.5 High |
| FTP Navigator 8.03 contains a denial of service vulnerability that allows attackers to crash the application by overwriting Structured Exception Handler (SEH) with malicious input. Attackers can generate a payload of 4108 'A' characters followed by 4 'B' characters and 40 'C' characters to trigger a program crash when pasted into the custom command input. | ||||
| CVE-2026-2930 | 1 Tenda | 2 A18, A18 Firmware | 2026-02-27 | 6.3 Medium |
| A vulnerability was identified in Tenda A18 15.13.07.13. The affected element is the function webCgiGetUploadFile of the file /cgi-bin/UploadCfg of the component Httpd Service. Such manipulation of the argument boundary leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-2929 | 2 D-link, Dlink | 3 Dwr-m960, Dwr-m960, Dwr-m960 Firmware | 2026-02-27 | 8.8 High |
| A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub_453140 of the file /boafrm/formWlAc of the component Wireless Access Control Endpoint. This manipulation of the argument submit-url causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2026-2928 | 2 D-link, Dlink | 3 Dwr-m960, Dwr-m960, Dwr-m960 Firmware | 2026-02-27 | 8.8 High |
| A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_452CCC of the file /boafrm/formWlEncrypt of the component WLAN Encryption Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made public and could be used. | ||||
| CVE-2026-3137 | 1 Codeastro | 1 Food Ordering System | 2026-02-27 | 5.3 Medium |
| A security vulnerability has been detected in CodeAstro Food Ordering System 1.0. This affects an unknown function of the file food_ordering.exe. Such manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2019-25363 | 2 Allok Soft, Alloksoft | 2 Wmv To Avi Mpeg Dvd Wmv Convertor, Wmv To Avi Mpeg Dvd Wmv Convertor | 2026-02-26 | 7.5 High |
| WMV to AVI MPEG DVD WMV Convertor 4.6.1217 contains a buffer overflow vulnerability that allows attackers to crash the application by providing an oversized license input. Attackers can generate a 6000-byte payload and paste it into the 'License Name and License Code' field to trigger an application crash. | ||||
| CVE-2026-25967 | 1 Imagemagick | 1 Imagemagick | 2026-02-26 | 7.4 High |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a stack-based buffer overflow exists in the ImageMagick FTXT image reader. A crafted FTXT file can cause out-of-bounds writes on the stack, leading to a crash. Version 7.1.2-15 contains a patch. | ||||