Skip to main content
CVE-2016-20048 HIGH POC PATCH This Week

iSelect 1.4.0-2+b1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized value to the -k/--key parameter. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Path Traversal Buffer Overflow Iselect
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2016-20041 HIGH POC PATCH This Week

Yasr 0.6.9-5 contains a buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying an oversized argument to the -p parameter. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Path Traversal Buffer Overflow Yasr Screen Reader
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2016-20040 HIGH POC PATCH This Week

TiEmu 3.03-nogdb+dfsg-3 contains a buffer overflow vulnerability in the ROM parameter handling that allows local attackers to crash the application or execute arbitrary code. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Path Traversal Buffer Overflow Texas Instrument Emulator
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2017-20228 HIGH POC This Week

Flat Assembler 1.71.21 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input to the application. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Memory Corruption Buffer Overflow Flat Assembler
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2018-25225 HIGH POC PATCH This Week

SIPP 3.3 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arbitrary code by supplying malicious input in the configuration file. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Authentication Bypass Buffer Overflow Sipp
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2018-25224 HIGH POC PATCH This Week

PMS 0.42 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arbitrary code by supplying malicious values in the configuration file. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Authentication Bypass Buffer Overflow Pms
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2018-25222 HIGH POC PATCH This Week

SC v7.16 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow Sc
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2016-20047 HIGH POC This Week

EKG Gadu 1.9~pre+r2855-3+b1 contains a local buffer overflow vulnerability in the username handling that allows local attackers to execute arbitrary code by supplying an oversized username string. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Memory Corruption Buffer Overflow Ekg Gadu
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2016-20046 HIGH POC This Week

zFTP Client 20061220+dfsg3-4.1 contains a buffer overflow vulnerability in the NAME parameter handling of FTP connections that allows local attackers to crash the application or execute arbitrary. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Memory Corruption Buffer Overflow Zftp Client
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2016-20045 HIGH POC This Week

HNB Organizer 1.9.18-10 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -rc command-line parameter. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Memory Corruption Buffer Overflow Hnb
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2016-20044 HIGH POC PATCH This Week

PInfo 0.6.9-5.1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -m parameter. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow Pinfo
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2016-20043 HIGH POC PATCH This Week

NRSS RSS Reader 0.3.9-1 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -F parameter. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow Nrss Reader
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2016-20042 HIGH POC PATCH This Week

TRN 3.6-23 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the application. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow Threaded Usenet News Reader
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2016-20039 HIGH POC This Week

Multi Emulator Super System 0.154-3.1 contains a buffer overflow vulnerability in the gamma parameter handling that allows local attackers to crash the application or execute arbitrary code. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Memory Corruption Buffer Overflow Mess Emulator
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2016-20038 HIGH POC PATCH This Week

yTree 1.94-1.1 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an excessively long argument to the application. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow Ytree
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2017-20226 HIGH POC This Week

Mapscrn 2.0.3 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized input buffer. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Memory Corruption Buffer Overflow Denial Of Service Mapscrn
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2016-20037 HIGH POC PATCH This Week

xwpe 1.5.30a-2.1 and prior contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying overly long input strings that exceed buffer. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow Denial Of Service Xwpe
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2026-4987 HIGH This Week

Payment amount bypass in Brainstorm Force SureForms WordPress plugin (all versions ≤2.5.2) allows unauthenticated remote attackers to create underpriced payment and subscription intents by manipulating the form_id parameter to 0, circumventing configured payment validation. CVSS 7.5 (High) with network-accessible attack vector and low complexity. EPSS data not provided; no public exploit identified at time of analysis. This represents a direct financial fraud risk for e-commerce and donation sites using the affected plugin.

WordPress Authentication Bypass
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-1679 HIGH This Week

Buffer overflow in Zephyr RTOS eswifi socket offload driver allows authenticated local attackers to corrupt kernel memory through oversized socket send operations. The vulnerability enables privilege escalation and denial of service via heap corruption, with high integrity and availability impact. No public exploit identified at time of analysis, though the attack vector is straightforward for users with socket API access. CVSS 7.3 reflects moderate-high severity constrained by local-only access requiring low-level privileges.

Buffer Overflow Zephyr
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-12886 HIGH This Week

Server-Side Request Forgery (SSRF) in Oxygen Theme for WordPress versions up to 6.0.8 allows unauthenticated remote attackers to make arbitrary HTTP requests from the web server via the vulnerable laborator_calc_route AJAX action. This vulnerability is confirmed exploitable without authentication (CVSS PR:N) and enables attackers to query or modify internal services behind firewalls, exfiltrate cloud metadata (AWS/Azure credentials), or scan internal networks. No public exploit identified at time of analysis, though the unauthenticated attack vector and low complexity (AC:L) suggest straightforward exploitation.

WordPress SSRF
NVD VulDB
CVSS 3.1
7.2
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy