Total
13905 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-25561 | 1 Jetaudio | 2 Jetaudio, Lyric Maker | 2026-03-25 | 6.2 Medium |
| Lyric Maker 2.0.1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Title field. Attackers can paste a 5000-byte buffer into the Title input field and save the file to trigger a denial of service condition. | ||||
| CVE-2019-25562 | 1 Jetaudio | 2 Convert Video Jetaudio, Jetaudio | 2026-03-25 | 5.5 Medium |
| jetAudio 8.1.7 contains a buffer overflow vulnerability in the video converter component that allows local attackers to crash the application by supplying an oversized string in the File Naming field. Attackers can paste a malicious buffer of 512 bytes into the File Naming parameter and trigger the crash by clicking the Preview button, causing a denial of service. | ||||
| CVE-2019-25564 | 1 Uvnc | 2 Pchelpwarev2, Ultravnc | 2026-03-25 | 5.5 Medium |
| PCHelpWareV2 1.0.0.5 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Group field. Attackers can paste a buffer overflow payload into the Group property field and click Ok to trigger an application crash. | ||||
| CVE-2019-25565 | 1 Magiciso | 1 Magic Iso Maker | 2026-03-25 | 6.2 Medium |
| Magic Iso Maker 5.5 build 281 contains a buffer overflow vulnerability in the Serial Code registration field that allows local attackers to crash the application by submitting an oversized input. Attackers can generate a file containing 5000 bytes of data, paste it into the Serial Code field during registration, and trigger a denial of service condition that crashes the application. | ||||
| CVE-2019-25566 | 1 Acutesystems | 1 Transmac | 2026-03-25 | 6.2 Medium |
| TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can create a malicious file with 1000 repeated characters, paste the content into the volume name field during disk image creation, and trigger an application crash. | ||||
| CVE-2019-25567 | 1 Valentina-db | 1 Valentina Studio | 2026-03-25 | 6.2 Medium |
| Valentina Studio 9.0.5 Linux contains a buffer overflow vulnerability in the Host field of the connection dialog that allows local attackers to crash the application by supplying an oversized input string. Attackers can trigger the vulnerability by pasting a crafted buffer exceeding 264 bytes into the Host field during server connection attempts, causing a denial of service. | ||||
| CVE-2019-25569 | 2 Crun, Realterm | 2 Realterm, Realterm: Serial Terminal | 2026-03-25 | 6.2 Medium |
| RealTerm Serial Terminal 2.0.0.70 contains a stack-based buffer overflow vulnerability in the Echo Port field that allows local attackers to crash the application by triggering a structured exception handler (SEH) chain corruption. Attackers can craft a malicious input string with 268 bytes of padding followed by SEH overwrite values and paste it into the Port field to cause denial of service. | ||||
| CVE-2019-25584 | 1 Raimersoft | 1 Rarmaradio | 2026-03-25 | 6.2 Medium |
| RarmaRadio 2.72.3 contains a buffer overflow vulnerability in the Server field of the Network settings that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a malicious payload exceeding 4000 bytes into the Server field via the Settings menu to trigger an application crash. | ||||
| CVE-2019-25589 | 1 Emtec | 1 Zoc Terminal | 2026-03-25 | 6.2 Medium |
| ZOC Terminal 7.23.4 contains a buffer overflow vulnerability in the Shell field of Program Settings that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a crafted payload into the Shell configuration field and trigger a crash when accessing the Command Shell feature. | ||||
| CVE-2019-25591 | 1 Nsasoft | 1 Nsauditor Dnss Domain Name Search Software | 2026-03-25 | 6.2 Medium |
| DNSS Domain Name Search Software 2.1.8 contains a buffer overflow vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively long string. Attackers can trigger a denial of service by pasting a malicious registration code containing 300 repeated characters into the Name/Key field via the Register menu option. | ||||
| CVE-2019-25597 | 2 Nsasoft, Nsauditor | 2 Nsauditor, Nsauditor | 2026-03-25 | 6.2 Medium |
| NSauditor 3.1.2.0 contains a buffer overflow vulnerability in the SNMP Auditor Community field that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a large payload into the Community field and trigger the Walk function to cause a denial of service condition. | ||||
| CVE-2019-25598 | 1 Heidisql | 1 Heidisql Portable | 2026-03-25 | 6.2 Medium |
| HeidiSQL Portable 10.1.0.5464 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the password field. Attackers can paste a buffer overflow payload into the password input during Microsoft SQL Server login to trigger an application crash. | ||||
| CVE-2019-25600 | 1 Uvnc | 1 Ultravnc Viewer | 2026-03-25 | 6.5 Medium |
| UltraVNC Viewer 1.2.2.4 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized string to the VNC Server input field. Attackers can paste a malicious string containing 256 repeated characters into the VNC Server field and click Connect to trigger a buffer overflow that crashes the viewer. | ||||
| CVE-2019-25601 | 1 Uvnc | 1 Ultravnc Launcher | 2026-03-25 | 6.2 Medium |
| UltraVNC Launcher 1.2.2.4 contains a buffer overflow vulnerability in the Path vncviewer.exe property field that allows local attackers to crash the application by supplying an excessively long string. Attackers can input a 300-byte payload of repeated characters through the Properties dialog to trigger a denial of service condition. | ||||
| CVE-2019-25603 | 1 Tuneclone | 1 Tuneclone | 2026-03-25 | 8.4 High |
| TuneClone 2.20 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license code string. Attackers can craft a payload with a controlled buffer, NSEH jump instruction, and SEH handler address pointing to a ROP gadget, then paste it into the license code field to trigger code execution and establish a bind shell. | ||||
| CVE-2019-25604 | 1 Dvd-x-player | 1 Dvd X Player | 2026-03-25 | 8.4 High |
| DVDXPlayer Pro 5.5 contains a local buffer overflow vulnerability with structured exception handling that allows local attackers to execute arbitrary code by crafting malicious playlist files. Attackers can create a specially crafted .plf file containing shellcode and NOP sleds that overflows a buffer and hijacks the SEH chain to execute arbitrary code with application privileges. | ||||
| CVE-2019-25606 | 1 Alloksoft | 1 Fast Avi Mpeg Joiner | 2026-03-25 | 5.5 Medium |
| Fast AVI MPEG Joiner 1.2.0812 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload in the License Name field. Attackers can create a malicious text file containing 6000 bytes of data and paste it into the License Name input field to trigger a denial of service condition when the Register button is clicked. | ||||
| CVE-2019-25607 | 1 Labf | 1 Axessh | 2026-03-25 | 8.4 High |
| Axessh 4.2 contains a stack-based buffer overflow vulnerability in the log file name field that allows local attackers to execute arbitrary code by supplying an excessively long filename. Attackers can overflow the buffer at offset 214 bytes to overwrite the instruction pointer and execute shellcode with system privileges. | ||||
| CVE-2019-25609 | 1 Jetaudio | 1 Jetaudio | 2026-03-25 | 8.4 High |
| JetAudio jetCast Server 2.0 contains a stack-based buffer overflow vulnerability in the Log Directory configuration field that allows local attackers to overwrite structured exception handling pointers. Attackers can inject alphanumeric encoded shellcode through the Log Directory field to trigger an SEH exception handler and execute arbitrary code with application privileges. | ||||
| CVE-2019-25611 | 1 Skyqinsc | 1 Miniftp | 2026-03-25 | 8.4 High |
| MiniFtp contains a buffer overflow vulnerability in the parseconf_load_setting function that allows local attackers to execute arbitrary code by supplying oversized configuration values. Attackers can craft a miniftpd.conf file with values exceeding 128 bytes to overflow stack buffers and overwrite the return address, enabling code execution with root privileges. | ||||