Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-37013

Summary
Assigner-VulnCheck
Assigner Org ID-83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At-29 Jan, 2026 | 14:28
Updated At-12 May, 2026 | 20:46
Rejected At-
Credits

Audio Playback Recorder 3.2.2 - Local Buffer Overflow (SEH)

Audio Playback Recorder 3.2.2 contains a local buffer overflow vulnerability in the eject and registration parameters that allows attackers to execute arbitrary code. Attackers can craft malicious payloads and overwrite Structured Exception Handler (SEH) to execute shellcode when pasting specially crafted input into the application's input fields.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:VulnCheck
Assigner Org ID:83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At:29 Jan, 2026 | 14:28
Updated At:12 May, 2026 | 20:46
Rejected At:
â–¼CVE Numbering Authority (CNA)
Audio Playback Recorder 3.2.2 - Local Buffer Overflow (SEH)

Audio Playback Recorder 3.2.2 contains a local buffer overflow vulnerability in the eject and registration parameters that allows attackers to execute arbitrary code. Attackers can craft malicious payloads and overwrite Structured Exception Handler (SEH) to execute shellcode when pasting specially crafted input into the application's input fields.

Affected Products
Vendor
Tucows Inc.
Product
Audio Playback Recorder
Versions
Affected
  • 3.2.2
Problem Types
TypeCWE IDDescription
CWECWE-121Stack-based Buffer Overflow
Type: CWE
CWE ID: CWE-121
Description: Stack-based Buffer Overflow
Metrics
VersionBase scoreBase severityVector
4.08.4HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3.18.4HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 4.0
Base score: 8.4
Base severity: HIGH
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 3.1
Base score: 8.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Felipe Winsnes
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.exploit-db.com/exploits/48796
exploit
https://web.archive.org/web/20210105222148/https://whitecr0wz.github.io/assets/img/Findings11/11-proof.gif
exploit
https://archive.org/details/tucows_288670_Audio_Playback_Recorder
product
https://www.vulncheck.com/advisories/audio-playback-recorder-local-buffer-overflow-seh
third-party-advisory
Hyperlink: https://www.exploit-db.com/exploits/48796
Resource:
exploit
Hyperlink: https://web.archive.org/web/20210105222148/https://whitecr0wz.github.io/assets/img/Findings11/11-proof.gif
Resource:
exploit
Hyperlink: https://archive.org/details/tucows_288670_Audio_Playback_Recorder
Resource:
product
Hyperlink: https://www.vulncheck.com/advisories/audio-playback-recorder-local-buffer-overflow-seh
Resource:
third-party-advisory
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.exploit-db.com/exploits/48796
exploit
Hyperlink: https://www.exploit-db.com/exploits/48796
Resource:
exploit
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:disclosure@vulncheck.com
Published At:29 Jan, 2026 | 15:16
Updated At:29 Jan, 2026 | 17:16

Audio Playback Recorder 3.2.2 contains a local buffer overflow vulnerability in the eject and registration parameters that allows attackers to execute arbitrary code. Attackers can craft malicious payloads and overwrite Structured Exception Handler (SEH) to execute shellcode when pasting specially crafted input into the application's input fields.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.4HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.18.4HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 4.0
Base score: 8.4
Base severity: HIGH
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 8.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-121Secondarydisclosure@vulncheck.com
CWE ID: CWE-121
Type: Secondary
Source: disclosure@vulncheck.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://archive.org/details/tucows_288670_Audio_Playback_Recorderdisclosure@vulncheck.com
N/A
https://web.archive.org/web/20210105222148/https://whitecr0wz.github.io/assets/img/Findings11/11-proof.gifdisclosure@vulncheck.com
N/A
https://www.exploit-db.com/exploits/48796disclosure@vulncheck.com
N/A
https://www.vulncheck.com/advisories/audio-playback-recorder-local-buffer-overflow-sehdisclosure@vulncheck.com
N/A
https://www.exploit-db.com/exploits/48796134c704f-9b21-4f2e-91b3-4a467353bcc0
N/A
Hyperlink: https://archive.org/details/tucows_288670_Audio_Playback_Recorder
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://web.archive.org/web/20210105222148/https://whitecr0wz.github.io/assets/img/Findings11/11-proof.gif
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.exploit-db.com/exploits/48796
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.vulncheck.com/advisories/audio-playback-recorder-local-buffer-overflow-seh
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.exploit-db.com/exploits/48796
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

95Records found
CVE-2023-21632
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.06% / 19.68%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:39
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack-based Buffer Overflow in Automotive GPU

Memory corruption in Automotive GPU while querying a gsl memory node.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6564au_firmwareqca6584ausa6155p_firmwaresa6150p_firmwaresa8145p_firmwaremsm8996au_firmwareapq8064au_firmwareqca6698aqqca6595qca6564ausa8155_firmwaresnapdragon_820_automotive_platform_firmwareqca6574ausa6145p_firmwaresa8155p_firmwaremsm8996auqca6564a_firmwaresa8195psa8540p_firmwaresa8150p_firmwareqca6595au_firmwaresa6155sa6155psa8540psa8295p_firmwareqca6574aqca6698aq_firmwaresa6145pqca6584au_firmwareqca6696_firmwareqca6595_firmwaresa8145pqca6696qam8295psa9000papq8064ausa8150psa6150psa8155pqam8295p_firmwaresa8155qca6574a_firmwaresa9000p_firmwareqca6574au_firmwaresa8195p_firmwareqca6595ausa6155_firmwareqca6564asnapdragon_820_automotive_platformsa8295pSnapdragon
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2010-20123
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-4.19% / 88.83%
||
7 Day CHG~0.00%
Published-21 Aug, 2025 | 20:14
Updated-15 May, 2026 | 11:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Steinberg MyMP3Player <= 3.0.0.67 Buffer Overflow

Steinberg MyMP3Player version 3.0 (build 3.0.0.67) is vulnerable to a stack-based buffer overflow when parsing .m3u playlist files. The application fails to properly validate the length of input data within the playlist, allowing a specially crafted file to overwrite critical memory structures and execute arbitrary code. This vulnerability can be exploited locally by convincing a user to open a malicious .m3u file.

Action-Not Available
Vendor-Steinberg
Product-MyMP3Player
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2010-20042
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-9.70% / 93.01%
||
7 Day CHG~0.00%
Published-20 Aug, 2025 | 15:42
Updated-15 May, 2026 | 11:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Xion Audio Player ≤ 1.0.126 Unicode Stack Buffer Overflow

Xion Audio Player versions prior to 1.0.126 are vulnerable to a Unicode-based stack buffer overflow triggered by opening a specially crafted .m3u playlist file. The file contains an overly long string that overwrites the Structured Exception Handler (SEH) chain, allowing an attacker to hijack execution flow and run arbitrary code.

Action-Not Available
Vendor-Xion
Product-Audio Player
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2013-2597
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-6.10% / 90.88%
||
7 Day CHG~0.00%
Published-31 Aug, 2014 | 10:00
Updated-22 Apr, 2026 | 14:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-10-06||Apply updates per vendor instructions.

Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via an application that leverages /dev/msm_acdb access and provides a large size value in an ioctl argument.

Action-Not Available
Vendor-codeauroran/aCode Aurora
Product-android-msmn/aACDB Audio Driver
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2010-20111
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-9.70% / 93.01%
||
7 Day CHG~0.00%
Published-21 Aug, 2025 | 20:09
Updated-15 May, 2026 | 11:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Digital Music Pad <= 8.2.3.3.4 Stack Buffer Overflow

Digital Music Pad v8.2.3.3.4 contains a stack-based buffer overflow vulnerability in its playlist file parser. When opening a .pls file containing an excessively long string in the File1 field, the application fails to properly validate input length, resulting in corruption of the Structured Exception Handler (SEH) on the stack. This flaw may allow an attacker to control execution flow when the file is opened, potentially leading to arbitrary code execution.

Action-Not Available
Vendor-Digital Music Pad
Product-Digital Music Pad
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2010-10015
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-23.08% / 95.98%
||
7 Day CHG~0.00%
Published-21 Aug, 2025 | 20:08
Updated-15 May, 2026 | 11:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
AOL <= 9.5 Phobos.Playlist 'Import()' Stack-Based Buffer Overflow

AOL versions up to and including 9.5 includes an ActiveX control (Phobos.dll) that exposes a method called Import() via the Phobos.Playlist COM object. This method is vulnerable to a stack-based buffer overflow when provided with an excessively long string argument. Exploitation allows remote attackers to execute arbitrary code in the context of the user, but only when the malicious HTML file is opened locally, due to the control not being marked safe for scripting or initialization. AOL remains an active and supported brand offering services like AOL Mail and AOL Desktop Gold, but the legacy AOL 9.5 desktop software—specifically the version containing the vulnerable Phobos.dll ActiveX control—is long discontinued and no longer maintained.

Action-Not Available
Vendor-AOL (Yahoo Inc.)
Product-AOL
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2009-20002
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-23.08% / 95.98%
||
7 Day CHG~0.00%
Published-21 Aug, 2025 | 20:13
Updated-15 May, 2026 | 11:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Millenium MP3 Studio <= 2.0 .pls File Stack-Based Buffer Overflow

Millenium MP3 Studio versions up to and including 2.0 is vulnerable to a stack-based buffer overflow when parsing .pls playlist files. The application fails to properly validate the length of the File1 field within the playlist, allowing an attacker to craft a malicious .pls file that overwrites the Structured Exception Handler (SEH) and executes arbitrary code. Exploitation requires the victim to open the file locally, though remote execution may be possible if the .pls extension is registered to the application and opened via a browser.

Action-Not Available
Vendor-Millenium
Product-MP3 Studio
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2009-20003
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-4.19% / 88.83%
||
7 Day CHG~0.00%
Published-21 Aug, 2025 | 20:15
Updated-15 May, 2026 | 11:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Xenorate <= 2.50 .xpl File Stack-Based Buffer Overflow

Xenorate versions up to and including 2.50, a Windows-based multimedia player, is vulnerable to a stack-based buffer overflow when processing .xpl playlist files. The application fails to properly validate the length of input data, allowing an attacker to craft a malicious .xpl file that overwrites the Structured Exception Handler (SEH) and enables arbitrary code execution. Exploitation requires local interaction, typically by convincing a user to open the crafted file.

Action-Not Available
Vendor-Xenorate
Product-Xenorate
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2009-20004
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-4.19% / 88.83%
||
7 Day CHG~0.00%
Published-21 Aug, 2025 | 20:11
Updated-15 May, 2026 | 11:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
gAlan <= 0.2.1 Buffer Overflow

gAlan 0.2.1, a modular audio processing environment for Windows, is vulnerable to a stack-based buffer overflow when parsing .galan files. The application fails to properly validate the length of input data, allowing a specially crafted file to overwrite the stack and execute arbitrary code. Exploitation requires local interaction, typically by convincing a user to open the malicious file.

Action-Not Available
Vendor-gAlan
Product-gAlan
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2022-40517
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.11% / 29.59%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 14:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack based buffer overflow in Core

Memory corruption in core due to stack-based buffer overflow

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_8cx_gen3_firmwaresa6150p_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65qca4024_firmwarewcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwaresa415mwcn3998wcd9371_firmwareqam8295pwcn3950qcn6024_firmwaresd720gsm4125sd_8cx_gen2_firmwareqca8386_firmwareqca8084_firmwareqsm8350_firmwaresd710_firmwareqsm8350sd460_firmwaresm7315_firmwareqca6574au_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420wcd9360sd680_firmwarewcn3999sd_8cx_gen2qrb5165_firmwareqrb5165m_firmwaresa4155p_firmwaresa8155_firmwareqca4004_firmwareipq6010sd662_firmwareqcs405qca6430wcd9306_firmwarewcd9340sd765gsw5100fsm10056_firmwaresd680qca6436wcn6851sa6155pqcs603_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd870_firmwaresd750gipq9008_firmwarewcn3910_firmwaresxr2150p_firmwaresd_8cxsa8150pqca4004wsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwaresa8195p_firmwareqcn5121qcn5022_firmwareqcn7606_firmwarewcn6750_firmwaresa8295p_firmwarewcn3991qca8337_firmwarewcd9380_firmwaresw5100pqca8084qca6564ausdx55m_firmwarewcn6856_firmwareipq9008sd670_firmwareqca6574csr8811_firmwarewcd9380qcs410sd690_5g_firmwaresdx50m_firmwaresdx24_firmwareqca8072_firmwareqcn9012_firmwareqca6430_firmwareqcn9274_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareipq6018_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6320qca6426_firmwareqca9984ipq6028sd835qcn9024ipq9574_firmwarewcn3980_firmwaresd730sdx55mqcc5100_firmwaresa8295pqca6421_firmwarewcn6740_firmwaresd678_firmwarear8031_firmwareqrb5165wcn6851_firmwareqcs603sd670qcn9024_firmwareqca6564a_firmwareqcm4290_firmwaresd870wcn6855qcn5121_firmwaresw5100p_firmwaresa8540pqcs610_firmwareqsm8250sa6145pipq6018sdxr1ar8031qca6595_firmwareqcs405_firmwaresa8145pmdm9205_firmwareqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareqcn5021_firmwaresa8155pcsra6640sd675qcs8155_firmwaresa4155psxr2150par8035_firmwareqsm8250_firmwareqcn7606qcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678qcn9070sa8145p_firmwareqcs2290_firmwarefsm10056sd7c_firmwarecsrb31024csra6620qca8082qcn9072qca8386qcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareqcn5152_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareqca9377sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwaresd662qam8295p_firmwareqcn9011_firmwaresa8155qca8082_firmwareqca6320_firmwaresa9000p_firmwareqcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewcn3999_firmwaresm7250p_firmwareqca6436_firmwareqrb5165nwcd9306sd778gqca6564au_firmwaresa6155p_firmwareqca6310qcn9274qcs8155sa515m_firmwareqcs6490sdxr2_5gqcn5052sa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwareqca6421qca8085sd778g_firmwaresm6250sa8195psd712_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qcn6023qca6174a_firmwareqcs4290_firmwarewcd9385qca8085_firmwareqcs6490_firmwaresd_8cx_gen3qca6390wcd9375sd750g_firmwareaqt1000ar8035csr8811sm6250_firmwarewsa8815_firmwaresd888_5g_firmwareqcm6490wcn6850_firmwarewsa8835_firmwareqcx315qca6564asa4150pqca8072qcm2290_firmwarewcn3990qcn9000sd_675sd780gsd865_5gqca6595qcc5100sdx24qcn9012sd888wsa8835qcx315_firmwaresa8540p_firmwaresd888_5gsm6250pqca8075_firmwaresc8180xqca6574aipq6005_firmwarewcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750mdm9205sa9000pqca6574_firmwaresa515msd855sm4125_firmwaresm7325p_firmwaresd765qca6574a_firmwareqcn5021qcn5152sd768g_firmwareqrb5165msd850_firmwaresm7315sd460qca6391sdxr1_firmwareipq6005aqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx50mqcn9070_firmwareipq6028_firmwareqcn9011sc8180x_firmwareqca6574ausd710sa8155p_firmwareqcn5122ipq9574wcd9341_firmwarewsa8810mdm9150wcn6856qcn5022sd835_firmwareqca6564_firmwaresd768gipq6010_firmwarewcn6740qca6696sd845_firmwaresa6150pqca8075qcn9022_firmwareqcn6024qcn9022sd845qcn9072_firmwaresm7250pipq6000_firmwaresd720g_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwaresd850Snapdragon
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2011-10012
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-9.70% / 93.01%
||
7 Day CHG~0.00%
Published-13 Aug, 2025 | 20:35
Updated-07 Apr, 2026 | 14:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NetOp Remote Control Client 9.5 .dws File Buffer Overflow

NetOp (now part of Impero Software) Remote Control Client v9.5 is vulnerable to a stack-based buffer overflow when processing .dws configuration files. If a .dws file contains a string longer than 520 bytes, the application fails to perform proper bounds checking, allowing an attacker to execute arbitrary code when the file is opened.

Action-Not Available
Vendor-NetOp
Product-Remote Control Client
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-36967
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.36% / 57.91%
||
7 Day CHG~0.00%
Published-28 Jan, 2026 | 17:35
Updated-07 Apr, 2026 | 14:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zortam Mp3 Media Studio 27.60 - Remote Code Execution (SEH)

Zortam Mp3 Media Studio 27.60 contains a buffer overflow vulnerability in the library creation file selection process that allows remote code execution. Attackers can craft a malicious text file with shellcode to trigger a structured exception handler (SEH) overwrite and execute arbitrary commands on the target system.

Action-Not Available
Vendor-Zortam.com
Product-Zortam Mp3 Media Studio
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37126
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.03% / 7.98%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 16:13
Updated-05 Feb, 2026 | 21:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Free Desktop Clock x86 Venetian Blinds Zipper 3.0 - Unicode Stack Overflow (SEH)

Free Desktop Clock 3.0 contains a stack overflow vulnerability in the Time Zones display name input that allows attackers to overwrite Structured Exception Handler (SEH) registers. Attackers can exploit the vulnerability by crafting a malicious Unicode input that triggers an access violation and potentially execute arbitrary code.

Action-Not Available
Vendor-Drive Software Company
Product-Free Desktop Clock
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37066
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.08% / 22.62%
||
7 Day CHG~0.00%
Published-03 Feb, 2026 | 22:01
Updated-04 Feb, 2026 | 20:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GoldWave 5.70 – Buffer Overflow (SEH Unicode)

GoldWave 5.70 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by crafting malicious input in the File Open URL dialog. Attackers can generate a specially crafted text file with Unicode-encoded shellcode to trigger a stack-based overflow and execute commands when the file is opened.

Action-Not Available
Vendor-GoldWave
Product-GoldWave
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37001
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.02% / 5.52%
||
7 Day CHG~0.00%
Published-29 Jan, 2026 | 14:28
Updated-12 May, 2026 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Frigate Professional 3.36.0.9 - 'Pack File' Buffer Overflow (SEH Egghunter)

Frigate Professional 3.36.0.9 contains a local buffer overflow vulnerability in the Pack File feature that allows attackers to execute arbitrary code by overflowing the 'Archive To' input field. Attackers can craft a malicious payload that overwrites the Structured Exception Handler (SEH) and uses an egghunter technique to execute a reverse shell payload.

Action-Not Available
Vendor-Frigate3
Product-Frigate Professional
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37138
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.05% / 16.62%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 16:13
Updated-05 Mar, 2026 | 01:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
10-Strike Network Inventory Explorer 9.03 - 'Read from File' Buffer Overflow (SEH)(ROP)

10-Strike Network Inventory Explorer 9.03 contains a buffer overflow vulnerability in the file import functionality that allows remote attackers to execute arbitrary code. Attackers can craft a malicious text file with carefully constructed payload to trigger a stack-based buffer overflow and bypass data execution prevention through a ROP chain.

Action-Not Available
Vendor-10-Strike Software
Product-Network Inventory Explorer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-36997
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.04% / 13.32%
||
7 Day CHG~0.00%
Published-29 Jan, 2026 | 14:28
Updated-12 May, 2026 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BacklinkSpeed 2.4 - Buffer Overflow PoC (SEH)

BacklinkSpeed 2.4 contains a buffer overflow vulnerability that allows attackers to corrupt the Structured Exception Handler (SEH) chain through malicious file import. Attackers can craft a specially designed payload file to overwrite SEH addresses, potentially executing arbitrary code and gaining control of the application.

Action-Not Available
Vendor-Dummysoftware
Product-BacklinkSpeed
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37095
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.24% / 47.69%
||
7 Day CHG+0.06%
Published-06 Feb, 2026 | 23:14
Updated-05 Mar, 2026 | 01:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cyberoam Authentication Client 2.1.2.7 - Buffer Overflow (SEH)

Cyberoam Authentication Client 2.1.2.7 contains a buffer overflow vulnerability that allows remote attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) memory. Attackers can craft a malicious input in the 'Cyberoam Server Address' field to trigger a bind TCP shell on port 1337 with system-level access.

Action-Not Available
Vendor-Cyberoam
Product-Cyberoam Authentication Client
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37159
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.09% / 25.40%
||
7 Day CHG~0.00%
Published-06 Feb, 2026 | 23:14
Updated-17 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cuckoo Clock 5.0 - Buffer Overflow

Parallaxis Cuckoo Clock 5.0 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting memory registers in the alarm scheduling feature. Attackers can craft a malicious payload exceeding 260 bytes to overwrite EIP and EBP, enabling shellcode execution with potential remote code execution.

Action-Not Available
Vendor-Parallaxis
Product-Cuckoo Clock
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-36971
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.02% / 5.52%
||
7 Day CHG~0.00%
Published-28 Jan, 2026 | 17:35
Updated-29 Jan, 2026 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Nidesoft 3GP Video Converter 2.6.18 - Local Stack Buffer Overflow

Nidesoft 3GP Video Converter 2.6.18 contains a local stack buffer overflow vulnerability in the license registration parameter. Attackers can craft a malicious payload and paste it into the 'License Code' field to execute arbitrary code on the system.

Action-Not Available
Vendor-Nidesoft
Product-Nidesoft 3GP Video Converter
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37124
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.08% / 23.03%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 16:13
Updated-06 Feb, 2026 | 20:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
B64dec 1.1.2 - Buffer Overflow (SEH Overflow + Egg Hunter)

B64dec 1.1.2 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) with crafted input. Attackers can leverage an egg hunter technique and carefully constructed payload to inject and execute malicious code during base64 decoding process.

Action-Not Available
Vendor-4Mhz
Product-B64dec
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37176
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.08% / 23.03%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:36
Updated-13 Feb, 2026 | 17:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Torrent 3GP Converter 1.51 - Stack Overflow (SEH)

Torrent 3GP Converter 1.51 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload targeting the application's registration dialog to trigger code execution and open the calculator through carefully constructed buffer overflow techniques.

Action-Not Available
Vendor-Torrentrockyou
Product-Torrent 3GP Converter
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37120
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.26% / 49.66%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 16:13
Updated-06 Feb, 2026 | 20:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rubo DICOM Viewer 2.0 - Buffer Overflow (SEH)

Rubo DICOM Viewer 2.0 contains a buffer overflow vulnerability in the DICOM server name input field that allows attackers to overwrite Structured Exception Handler (SEH). Attackers can craft a malicious text file with carefully constructed payload to execute arbitrary code by overwriting SEH and triggering remote code execution.

Action-Not Available
Vendor-Rubo Medical Imaging
Product-Rubo DICOM Viewer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2010-20010
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-8.39% / 92.39%
||
7 Day CHG~0.00%
Published-20 Aug, 2025 | 16:34
Updated-15 May, 2026 | 11:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Foxit PDF Reader < 4.2.0.0928 Title Stack Buffer Overflow

Foxit PDF Reader before 4.2.0.0928 does not properly bound-check the /Title entry in the PDF Info dictionary. A specially crafted PDF with an overlong Title string can overflow a fixed-size stack buffer, corrupt the Structured Exception Handler (SEH) chain, and lead to arbitrary code execution in the context of the user who opens the file.

Action-Not Available
Vendor-Foxit Software Incorporated
Product-Foxit PDF Reader
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2010-20114
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-9.70% / 93.01%
||
7 Day CHG~0.00%
Published-21 Aug, 2025 | 20:14
Updated-15 May, 2026 | 11:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
VariCAD EN <= 2010-2.05 .dwb File Stack Buffer Overflow

VariCAD EN up to and including version 2010-2.05 is vulnerable to a stack-based buffer overflow when parsing .dwb drawing files. The application fails to properly validate the length of input data embedded in the file, allowing a crafted .dwb file to overwrite critical memory structures. This flaw can be exploited locally by convincing a user to open a malicious file, resulting in arbitrary code execution.

Action-Not Available
Vendor-VariCAD
Product-VariCAD EN
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2010-20108
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-20.63% / 95.65%
||
7 Day CHG~0.00%
Published-21 Aug, 2025 | 20:11
Updated-15 May, 2026 | 11:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FTPPad <= 1.2.0 Stack Buffer Overflow

FTPPad <= 1.2.0 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessively long directory and filename, the application fails to properly validate input length. This results in a buffer overflow that overwrites the saved Extended Instruction Pointer (EIP), allowing remote attackers to execute arbitrary code.

Action-Not Available
Vendor-FTPPad
Product-FTPPad FTP Client
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-28580
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-0.06% / 17.53%
||
7 Day CHG~0.00%
Published-20 Mar, 2024 | 00:00
Updated-28 Mar, 2025 | 14:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the ReadData() function when reading images in RAS format.

Action-Not Available
Vendor-freeimage_projectn/afreeimage_project
Product-freeimagen/afreeimage
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-5726
Matching Score-4
Assigner-Delta Electronics, Inc.
ShareView Details
Matching Score-4
Assigner-Delta Electronics, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.82%
||
7 Day CHG~0.00%
Published-08 Apr, 2026 | 01:46
Updated-13 Apr, 2026 | 12:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASDA-Soft Stack-based Buffer Overflow Vulnerability

ASDA-Soft Stack-based Buffer Overflow Vulnerability

Action-Not Available
Vendor-Delta Electronics, Inc.
Product-asda_softASDA-Soft
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-40516
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-3.85% / 88.33%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 14:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack-based buffer overflow in Core

Memory corruption in Core due to stack-based buffer overflow.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_8cx_gen3_firmwaresa6150p_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65qca4024_firmwarewcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwaresa415mwcn3998wcd9371_firmwareqam8295pwcn3950qcn6024_firmwaresd720gsm4125sd_8cx_gen2_firmwareqca8386_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwaresd710_firmwareqsm8350sd460_firmwaresm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420wcd9360sd680_firmwarewcn3999sd_8cx_gen2qrb5165_firmwareqrb5165m_firmwaresa4155p_firmwaresa8155_firmwareqca4004_firmwareipq6010sd662_firmwareqcs405qca6430wcd9306_firmwarewcd9340sd765gsw5100fsm10056_firmwaresd680qca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd870_firmwaresd750gipq9008_firmwarewcn3910_firmwaresxr2150p_firmwaresd_8cxsa8150pqca4004wsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwareqcn5121sm8475qcn5022_firmwareqcn7606_firmwarewcn6750_firmwaresa8295p_firmwarewcn3991qca8337_firmwarewcd9380_firmwaresw5100pqca8084qca6564ausdx55m_firmwarewcn6856_firmwareipq9008sd670_firmwareqca6574csr8811_firmwarewcd9380qcs410sd690_5g_firmwaresdx50m_firmwaresdx24_firmwareqca8072_firmwareqcn9012_firmwareqca6430_firmwareqcn9274_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareipq6018_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6320qca6426_firmwareqca9984ipq6028sd835qcn9024ipq9574_firmwarewcn3980_firmwaresd730sdx55mqcc5100_firmwaresa8295pqca6421_firmwarewcn6740_firmwaresd678_firmwarear8031_firmwareqrb5165wcn6851_firmwareqcs603sd670qcn9024_firmwareqca6564a_firmwareqcm4290_firmwaresd870wcn6855qcn5121_firmwaresw5100p_firmwaresa8540pqcs610_firmwareqsm8250sa6145pipq6018sdxr1ar8031qca6595_firmwareqcs405_firmwaresa8145pmdm9205_firmwareqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareqcn5021_firmwaresa8155pcsra6640sd675qcs8155_firmwaresa4155psxr2150par8035_firmwareqsm8250_firmwareqcn7606qcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678qcn9070sa8145p_firmwareqcs2290_firmwarefsm10056sd7c_firmwarecsrb31024csra6620qca8082qcn9072qca8386qcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareqcn5152_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareqca9377sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwaresd662qam8295p_firmwareqcn9011_firmwaresa8155qca8082_firmwareqca6320_firmwaresa9000p_firmwareqcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewcn3999_firmwaresm7250p_firmwareqca6436_firmwareqrb5165nwcd9306sd778gqca6564au_firmwaresa6155p_firmwareqca6310qcn9274qcs8155wcn7851sa515m_firmwareqcs6490sdxr2_5gqcn5052sa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwareqca6421qca8085sd778g_firmwaresm6250sa8195psd712_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qcn6023qca6174a_firmwareqcs4290_firmwarewcd9385qca8085_firmwareqcs6490_firmwaresd_8cx_gen3qca6390wcd9375sd750g_firmwareaqt1000ar8035csr8811sm6250_firmwarewsa8815_firmwaresd888_5g_firmwareqcm6490wcn6850_firmwarewsa8835_firmwareqcx315qca6564asa4150pqca8072qcm2290_firmwarewcn3990qcn9000sd_675sd780gsd865_5gqca6595qcc5100sdx24qcn9012sd888wsa8835qcx315_firmwaresa8540p_firmwaresd888_5gsm6250pqca8075_firmwaresc8180xqca6574aipq6005_firmwarewcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750mdm9205sa9000pqca6574_firmwaresa515msd855sm4125_firmwaresm7325p_firmwaresd765qca6574a_firmwareqcn5021qcn5152sd768g_firmwareqrb5165msd850_firmwaresm7315sd460qca6391sdxr1_firmwareipq6005aqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx50mqcn9070_firmwareipq6028_firmwareqcn9011sc8180x_firmwareqca6574ausd710sa8155p_firmwareqcn5122ipq9574wcd9341_firmwarewsa8810mdm9150wcn6856qcn5022sd835_firmwareqca6564_firmwaresd768gipq6010_firmwarewcn6740qca6696sd845_firmwaresa6150pqca8075qcn9022_firmwareqcn6024qcn9022sd845qcn9072_firmwaresm7250pipq6000_firmwaresd720g_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwaresd850Snapdragon
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-34124
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-26.96% / 96.42%
||
7 Day CHG+14.34%
Published-16 Jul, 2025 | 21:08
Updated-07 Apr, 2026 | 14:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heroes of Might and Magic III .h3m Map File Buffer Overflow

A buffer overflow vulnerability exists in Heroes of Might and Magic III Complete 4.0.0.0, HD Mod 3.808 build 9, and Demo 1.0.0.0 via malicious .h3m map files that exploit object sprite name parsing logic. The vulnerability occurs during in-game map loading when a crafted object name causes a buffer overflow, potentially allowing arbitrary code execution. Exploitation requires the victim to open a malicious map file within the game.

Action-Not Available
Vendor-The 3DO Company
Product-Heroes of Might and Magic III
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-37000
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.15% / 35.38%
||
7 Day CHG~0.00%
Published-29 Jan, 2026 | 14:28
Updated-12 May, 2026 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Free MP3 CD Ripper 2.8 - Stack Buffer Overflow (SEH + Egghunter)

Free MP3 CD Ripper 2.8 contains a stack buffer overflow vulnerability that allows remote attackers to execute arbitrary code by crafting a malicious WAV file with oversized payload. Attackers can leverage a specially crafted exploit file with shellcode, SEH bypass, and egghunter technique to achieve remote code execution on vulnerable Windows systems.

Action-Not Available
Vendor-Cleanersoft Software
Product-Free MP3 CD Ripper
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37119
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.06% / 18.35%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 16:13
Updated-07 Apr, 2026 | 14:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Nsauditor 3.2.1.0 - Buffer Overflow (SEH+ASLR bypass (3 bytes overwrite))

Nsauditor 3.0.28 and 3.2.1.0 contains a buffer overflow vulnerability in the DNS Lookup tool that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious DNS query payload to trigger a three-byte overwrite, bypass ASLR, and execute shellcode through a carefully constructed exploit.

Action-Not Available
Vendor-nsasoftNsasoft
Product-nsauditorNsauditor
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-37221
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.6||HIGH
EPSS-0.01% / 1.93%
||
7 Day CHG~0.00%
Published-13 May, 2026 | 14:22
Updated-13 May, 2026 | 17:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Atomic Alarm Clock 6.3 Stack Overflow via SEH Unicode

Atomic Alarm Clock 6.3 contains a stack overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string to the display name textbox in the Time Zones Clock configuration. Attackers can craft a buffer with structured exception handling overwrite and encoded shellcode to bypass SafeSEH protections and execute arbitrary commands with application privileges.

Action-Not Available
Vendor-Drive-software
Product-Atomic Alarm Clock
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37183
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.08% / 23.03%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-12 Feb, 2026 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 - Stack Overflow (SEH)

Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload in the License Name input field to trigger a buffer overflow and execute system commands like calc.exe.

Action-Not Available
Vendor-Allok Soft
Product-Allok RM RMVB to AVI MPEG DVD Converter
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37142
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.02% / 7.05%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 16:13
Updated-05 Mar, 2026 | 01:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
10-Strike Network Inventory Explorer 8.54 - 'Add' Local Buffer Overflow (SEH)

10-Strike Network Inventory Explorer 8.54 contains a structured exception handler buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting SEH records. Attackers can craft a malicious payload targeting the 'Computer' parameter during the 'Add' function to trigger remote code execution.

Action-Not Available
Vendor-10-Strike Software
Product-Network Inventory Explorer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37184
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.08% / 23.03%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-12 Feb, 2026 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Allok Video Converter 4.6.1217 - Stack Overflow (SEH)

Allok Video Converter 4.6.1217 contains a stack overflow vulnerability in the License Name input field that allows attackers to execute arbitrary code. Attackers can craft a specially designed payload to overwrite SEH handlers and execute system commands by injecting malicious bytecode into the input field.

Action-Not Available
Vendor-Allok Soft
Product-Allok Video Converter
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-36965
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.02% / 5.52%
||
7 Day CHG~0.00%
Published-28 Jan, 2026 | 17:35
Updated-29 Jan, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
docPrint Pro 8.0 - 'Add URL' Buffer Overflow (SEH Egghunter)

docPrint Pro 8.0 contains a local buffer overflow vulnerability in the 'Add URL' input field that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payload that triggers a structured exception handler (SEH) overwrite to execute shellcode and gain remote system access.

Action-Not Available
Vendor-VeryPDF.com, Inc.
Product-docPrint Pro
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-36961
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.26% / 49.66%
||
7 Day CHG~0.00%
Published-28 Jan, 2026 | 17:35
Updated-05 Mar, 2026 | 01:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
10-Strike Network Inventory Explorer 8.65 - Buffer Overflow (SEH)

10-Strike Network Inventory Explorer 8.65 contains a buffer overflow vulnerability in exception handling that allows remote attackers to execute arbitrary code. Attackers can craft a malicious file with 209 bytes of padding and a specially constructed Structured Exception Handler to trigger code execution.

Action-Not Available
Vendor-10-Strike Software
Product-Network Inventory Explorer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37161
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.10% / 27.41%
||
7 Day CHG~0.00%
Published-06 Feb, 2026 | 23:14
Updated-24 Feb, 2026 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wedding Slideshow Studio 1.36 - 'Name' Buffer Overflow

Wedding Slideshow Studio 1.36 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the registration name field with malicious payload. Attackers can craft a specially designed payload to trigger remote code execution, demonstrating the ability to run system commands like launching the calculator.

Action-Not Available
Vendor-wedding-slideshow-studioWedding Slideshow Studio
Product-wedding_slideshow_studioWedding Slideshow Studio
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-28581
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-0.07% / 21.52%
||
7 Day CHG~0.00%
Published-20 Mar, 2024 | 00:00
Updated-28 Mar, 2025 | 14:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the _assignPixel<>() function when reading images in TARGA format.

Action-Not Available
Vendor-freeimage_projectn/afreeimage_project
Product-freeimagen/afreeimage
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-28582
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-0.07% / 22.04%
||
7 Day CHG~0.00%
Published-20 Mar, 2024 | 00:00
Updated-28 Mar, 2025 | 14:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the rgbe_RGBEToFloat() function when reading images in HDR format.

Action-Not Available
Vendor-freeimage_projectn/afreeimage_project
Product-freeimagen/afreeimage
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-28566
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-0.07% / 22.04%
||
7 Day CHG~0.00%
Published-20 Mar, 2024 | 00:00
Updated-28 Mar, 2025 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the AssignPixel() function when reading images in TIFF format.

Action-Not Available
Vendor-freeimage_projectn/afreeimage_project
Product-freeimagen/afreeimage
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-25391
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-0.06% / 17.89%
||
7 Day CHG~0.00%
Published-27 Mar, 2024 | 00:00
Updated-04 Nov, 2025 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack buffer overflow occurs in libc/posix/ipc/mqueue.c in RT-Thread through 5.0.2.

Action-Not Available
Vendor-rt-threadn/art-thread
Product-rt-threadn/art-thread
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-41388
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.4||HIGH
EPSS-0.07% / 20.78%
||
7 Day CHG~0.00%
Published-17 Jun, 2025 | 20:24
Updated-18 Jun, 2025 | 14:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Fuji Electric Smart Editor Stack-based Buffer Overflow

Fuji Electric Smart Editor is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.

Action-Not Available
Vendor-Fuji Electric Co., Ltd.
Product-Smart Editor
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-21474
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.08% / 24.05%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 14:32
Updated-15 Jan, 2025 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack-based Buffer Overflow in PMIC

Memory corruption when size of buffer from previous call is used without validation or re-initialization.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragonqca8337_firmwaresnapdragon_x65_5g_modem-rf_system_firmwarewcd9380_firmwareqca6696_firmwareqca6595_firmwarewsa8840_firmwarewcd9385_firmwarefastconnect_6900_firmwaresc8380xp_firmwaresa8530p_firmwarewsa8830_firmwareqam8295p_firmwaresa8540p_firmwarewsa8835_firmwareqca6574au_firmwarefastconnect_7800_firmwarewsa8845h_firmwareqca8081_firmwaresa8295p_firmwarear8035_firmwareqca6698aq_firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • Next
Details not found