Total
4230 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-37130 | 2 Nsasoft, Nsauditor | 2 Nsauditor, Nsauditor | 2026-02-09 | 7.5 High |
| Nsauditor 3.2.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can create a malicious payload of 1000 bytes of repeated characters to trigger an application crash when pasted into the registration name field. | ||||
| CVE-2026-1188 | 1 Eclipse | 1 Omr | 2026-02-09 | 9.8 Critical |
| In the Eclipse OMR port library component since release 0.2.0, an API function to return the textual names of all supported processor features was not accounting for the separator inserted between processor features. If the output buffer supplied to this function was incorrectly sized, failing to account for the separator when determining when a write to the buffer was safe could lead to a buffer overflow. This issue is fixed in Eclipse OMR version 0.8.0. | ||||
| CVE-2025-68137 | 2 Everest, Linuxfoundation | 2 Everest-core, Everest | 2026-02-06 | 8.4 High |
| EVerest is an EV charging software stack. Prior to version 2025.10.0, an integer overflow occurring in `SdpPacket::parse_header()` allows the current buffer length to be set to 7 after a complete header of size 8 has been read. The remaining length to read is computed using the current length subtracted by the header length which results in a negative value. This value is then interpreted as `SIZE_MAX` (or slightly less) because the expected type of the argument is `size_t`. Depending on whether the server is plain TCP or TLS, this leads to either an infinite loop or a stack buffer overflow. Version 2025.10.0 fixes the issue. | ||||
| CVE-2025-28162 | 1 Libpng | 1 Libpng | 2026-02-06 | 5.5 Medium |
| Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngimage with AddressSanitizer (ASan), the program leaks memory in various locations, eventually leading to high memory usage and causing the program to become unresponsive | ||||
| CVE-2025-28164 | 1 Libpng | 1 Libpng | 2026-02-06 | 5.5 Medium |
| Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via png_create_read_struct() function. | ||||
| CVE-2020-37127 | 1 Dnsmasq | 1 Dnsmasq | 2026-02-06 | 5.5 Medium |
| Dnsmasq-utils 2.79-1 contains a buffer overflow vulnerability in the dhcp_release utility that allows attackers to cause a denial of service by supplying excessive input. Attackers can trigger a core dump and terminate the dhcp_release process by sending a crafted input string longer than 16 characters. | ||||
| CVE-2024-42642 | 1 Crucial | 6 Ct1000mx500ssd1, Ct2000mx500ssd1, Ct250mx500ssd1 and 3 more | 2026-02-05 | 6.7 Medium |
| Micron Crucial MX500 Series Solid State Drives M3CR046 is vulnerable to Buffer Overflow, which can be triggered by sending specially crafted ATA packets from the host to the drive controller. NOTE: The supplier states that this vulnerability was fully remediated in December 2024 and that updated firmware is available through Crucial’s official support page. | ||||
| CVE-2020-37065 | 1 Streamripper | 1 Streamripper | 2026-02-04 | 9.8 Critical |
| StreamRipper32 version 2.6 contains a buffer overflow vulnerability in the Station/Song Section that allows attackers to overwrite memory by manipulating the SongPattern input. Attackers can craft a malicious payload exceeding 256 bytes to potentially execute arbitrary code and compromise the application. | ||||
| CVE-2020-37070 | 1 Cloudme | 1 Cloudme | 2026-02-04 | 9.8 Critical |
| CloudMe 1.11.2 contains a buffer overflow vulnerability that allows remote attackers to execute arbitrary code through crafted network packets. Attackers can exploit the vulnerability by sending a specially crafted payload to the CloudMe service running on port 8888, enabling remote code execution. | ||||
| CVE-2020-37074 | 1 Lizardsystems | 1 Remote Desktop Audit | 2026-02-04 | 9.8 Critical |
| Remote Desktop Audit 2.3.0.157 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code during the Add Computers Wizard file import process. Attackers can craft a malicious payload file to trigger a structured exception handler (SEH) bypass and execute shellcode when importing computer lists. | ||||
| CVE-2020-37024 | 1 Nidesoft | 1 Dvd Ripper | 2026-02-04 | 8.4 High |
| Nidesoft DVD Ripper 5.2.18 contains a local buffer overflow vulnerability in the License Code registration parameter that allows attackers to execute arbitrary code. Attackers can craft a malicious payload and paste it into the License Code field to trigger a stack-based buffer overflow and execute shellcode. | ||||
| CVE-2019-25232 | 1 Netpclinker | 1 Netpclinker | 2026-02-04 | 9.8 Critical |
| NetPCLinker 1.0.0.0 contains a buffer overflow vulnerability in the Clients Control Panel DNS/IP field that allows attackers to execute arbitrary shellcode. Attackers can craft a malicious payload in the DNS/IP input to overwrite SEH handlers and execute shellcode when adding a new client. | ||||
| CVE-2020-37029 | 1 K.soft | 1 Ftpdummy | 2026-02-04 | 8.4 High |
| FTPDummy 4.80 contains a local buffer overflow vulnerability in its preference file handling that allows attackers to execute arbitrary code. Attackers can craft a malicious preference file with carefully constructed shellcode to trigger a structured exception handler overwrite and execute system commands. | ||||
| CVE-2020-37025 | 1 Upredsun | 1 Port Forwarding Wizard | 2026-02-04 | 8.4 High |
| Port Forwarding Wizard 4.8.0 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code through a long request in the Register feature. Attackers can craft a malicious payload with an egg tag and overwrite SEH handlers to potentially execute shellcode on vulnerable Windows systems. | ||||
| CVE-2020-37075 | 1 Lizardsystems | 1 Lansend | 2026-02-04 | 9.8 Critical |
| LanSend 3.2 contains a buffer overflow vulnerability in the Add Computers Wizard file import functionality that allows remote attackers to execute arbitrary code. Attackers can craft a malicious payload file to trigger a structured exception handler (SEH) overwrite and execute shellcode when importing computers from a file. | ||||
| CVE-2025-10666 | 2 D-link, Dlink | 3 Dir-825, Dir-825, Dir-825 Firmware | 2026-02-03 | 8.8 High |
| A security flaw has been discovered in D-Link DIR-825 up to 2.10. Affected by this vulnerability is the function sub_4106d4 of the file apply.cgi. The manipulation of the argument countdown_time results in buffer overflow. The attack can be executed remotely. The exploit has been released to the public and may be exploited. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2020-37036 | 1 Mini-stream | 2 Mini-stream Rm Downloader, Rm Downloader | 2026-02-03 | 8.4 High |
| RM Downloader 2.50.60 contains a local buffer overflow vulnerability in the 'Load' parameter that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payload with an egg hunter technique to bypass memory protections and execute commands like launching calc.exe. | ||||
| CVE-2020-37050 | 1 M.j.m | 1 Quick Player | 2026-02-03 | 9.8 Critical |
| Quick Player 1.3 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by crafting a malicious .m3l file with carefully constructed payload. Attackers can trigger the vulnerability by loading a specially crafted file through the application's file loading mechanism, potentially enabling remote code execution. | ||||
| CVE-2020-37040 | 1 Codeblocks | 1 Code::blocks | 2026-02-03 | 8.4 High |
| Code Blocks 17.12 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by crafting a malicious file name with Unicode characters. Attackers can trigger the vulnerability by pasting a specially crafted payload into the file name field during project creation, potentially executing system commands like calc.exe. | ||||
| CVE-2025-13151 | 1 Gnu | 1 Libtasn1 | 2026-02-02 | 7.5 High |
| Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string. | ||||