Achilles

37 exploits Active since Jan 2026
CVE-2019-25650 EXPLOITDB HIGH python WORKING POC
River Past CamDo 3.7.6 Structured Exception Handler Buffer Overflow
River Past CamDo 3.7.6 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lame_enc.dll name field. Attackers can craft a payload with a 280-byte buffer, NSEH jump instruction, and SEH handler address pointing to a pop-pop-ret gadget to trigger code execution and establish a bind shell on port 3110.
CVSS 8.4
CVE-2019-25649 EXPLOITDB MEDIUM python WORKING POC
River Past Audio Converter 7.7.16 Local Buffer Overflow DoS
River Past Audio Converter 7.7.16 contains a local buffer overflow vulnerability in the activation code field that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a large payload of repeated characters into the 'E-Mail and Activation Code' field and click 'Activate' to trigger a denial of service condition.
CVSS 5.5
CVE-2019-25648 EXPLOITDB MEDIUM python WORKING POC
MyVideoConverter Pro 3.14 Denial of Service Buffer Overflow
MyVideoConverter Pro 3.14 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying an excessively long string to the registration code input field. Attackers can paste a malicious payload containing 10000 bytes into the 'Copy and Paste Registration Code' field to trigger a denial of service condition.
CVSS 6.2
CVE-2018-25219 EXPLOITDB HIGH python WORKING POC
PassFab Excel Password Recovery 8.3.1 SEH Buffer Overflow
PassFab Excel Password Recovery 8.3.1 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in the registration code field. Attackers can craft a buffer overflow payload with a pop-pop-ret gadget and shellcode that triggers code execution when pasted into the Licensed E-mail and Registration Code field during the registration process.
CVSS 8.4
CVE-2018-25218 EXPLOITDB HIGH python WORKING POC
PassFab RAR Password Recovery 9.3.2 SEH Buffer Overflow
PassFab RAR Password Recovery 9.3.2 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a payload with a buffer overflow, NSEH jump, and shellcode, then paste it into the 'Licensed E-mail and Registration Code' field during registration to trigger code execution.
CVSS 8.4
CVE-2018-25217 EXPLOITDB HIGH python WORKING POC
PDF Explorer 1.5.66.2 Structured Exception Handler Local Code Execution
PDF Explorer 1.5.66.2 contains a structured exception handler (SEH) overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH records with malicious data. Attackers can craft a payload with buffer overflow, NSEH jump, and ROP gadget chains that execute when the Custom fields settings dialog processes the malicious input in the Label field.
CVSS 8.4
CVE-2018-25216 EXPLOITDB MEDIUM python WORKING POC
AnyBurn 4.3 Denial of Service Local Buffer Overflow
AnyBurn 4.3 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the image file name field. Attackers can paste a 10000-byte payload into the 'Image file name' parameter during the 'Copy disk to Image' operation to trigger a denial of service condition.
CVSS 6.2
CVE-2018-25215 EXPLOITDB MEDIUM python WORKING POC
Excel Password Recovery Professional 8.2.0.0 Local Buffer Overflow DoS
Excel Password Recovery Professional 8.2.0.0 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by supplying an excessively long string to the 'E-Mail and Registrations Code' field. Attackers can paste a crafted payload containing 5000 bytes of data into the registration field to trigger a crash when the Register button is clicked.
CVSS 5.5
CVE-2018-25214 EXPLOITDB MEDIUM python WORKING POC
MegaPing Local Buffer Overflow Denial of Service
MegaPing contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload to the Destination Address List field in the Finger function. Attackers can paste a crafted buffer exceeding expected input limits into the vulnerable field and trigger the Start button to cause a denial of service crash.
CVSS 6.2
CVE-2018-25213 EXPLOITDB HIGH python WORKING POC
Nsauditor 3.0.28.0 Local SEH Buffer Overflow
Nsauditor 3.0.28.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input to the DNS Lookup tool. Attackers can craft a payload with SEH chain overwrite and inject shellcode through the DNS Query field to achieve code execution with application privileges.
CVSS 8.4
CVE-2018-25212 EXPLOITDB HIGH python WORKING POC
Boxoft wav-wma Converter 1.0 Local Buffer Overflow SEH
Boxoft wav-wma Converter 1.0 contains a local buffer overflow vulnerability in structured exception handling that allows attackers to execute arbitrary code by crafting malicious WAV files. Attackers can create a specially crafted WAV file with excessive data and ROP gadgets to overwrite the SEH chain and achieve code execution on Windows systems.
CVSS 8.4
CVE-2018-25211 EXPLOITDB HIGH python WORKING POC
Allok Video Splitter 3.1.1217 Buffer Overflow via License Name
Allok Video Splitter 3.1.1217 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service or execute arbitrary code by supplying an oversized string in the License Name field. Attackers can craft a malicious payload exceeding 780 bytes, paste it into the License Name registration field, and trigger the overflow when the Register button is clicked.
CVSS 7.8
CVE-2019-25645 EXPLOITDB MEDIUM python WORKING POC
WinAVI iPod 3GP MP4 PSP Converter 4.4.2 Denial of Service
WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by processing malformed AVI files. Attackers can create a specially crafted AVI file with an oversized buffer and load it through the Convert to iPhone function to trigger an application crash.
CVSS 6.2
CVE-2019-25644 EXPLOITDB MEDIUM python WORKING POC
WinMPG Video Convert 9.3.5 Buffer Overflow Local Denial of Service
WinMPG Video Convert 9.3.5 and older versions contain a buffer overflow vulnerability in the registration dialog that allows local attackers to crash the application by supplying oversized input. Attackers can paste a large payload of 6000 bytes into the Name and Registration Code field to trigger a denial of service condition.
CVSS 6.2
CVE-2019-25617 EXPLOITDB MEDIUM python WORKING POC
Ease Audio Converter 5.30 Denial of Service via Audio Cutter
Ease Audio Converter 5.30 contains a denial of service vulnerability in the Audio Cutter function that allows local attackers to crash the application by processing malformed MP4 files. Attackers can create a crafted MP4 file containing an oversized buffer and load it through the Audio Cutter interface to trigger an application crash.
CVSS 6.2
CVE-2019-25616 EXPLOITDB MEDIUM python WORKING POC
AnMing MP3 CD Burner 2.0 Local Denial of Service
AnMing MP3 CD Burner 2.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized string. Attackers can paste a 6000-byte payload into the registration name field to trigger a denial of service condition.
CVSS 6.2
CVE-2019-25615 EXPLOITDB HIGH python WORKING POC
Lavavo CD Ripper 4.20 Local SEH Buffer Overflow
Lavavo CD Ripper 4.20 contains a structured exception handling (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Activation Name field. Attackers can craft a payload with controlled buffer data, NSEH jump instructions, and SEH handler addresses to trigger code execution and establish a bind shell on port 3110.
CVSS 8.4
CVE-2019-25606 EXPLOITDB MEDIUM python WORKING POC
Fast AVI MPEG Joiner 1.2.0812 Buffer Overflow Denial of Service
Fast AVI MPEG Joiner 1.2.0812 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload in the License Name field. Attackers can create a malicious text file containing 6000 bytes of data and paste it into the License Name input field to trigger a denial of service condition when the Register button is clicked.
CVSS 5.5
CVE-2019-25603 EXPLOITDB HIGH python WORKING POC
TuneClone 2.20 Structured Exception Handler Buffer Overflow
TuneClone 2.20 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license code string. Attackers can craft a payload with a controlled buffer, NSEH jump instruction, and SEH handler address pointing to a ROP gadget, then paste it into the license code field to trigger code execution and establish a bind shell.
CVSS 8.4
CVE-2019-25477 EXPLOITDB MEDIUM python WORKING POC
RAR Password Recovery 1.80 - Buffer Overflow
RAR Password Recovery 1.80 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload in the registration dialog. Attackers can craft a malicious input string exceeding 6000 bytes and paste it into the User Name and Registration Code field to trigger an application crash.
CVSS 6.2
CVE-2019-25469 EXPLOITDB MEDIUM python WORKING POC
Folder Lock 7.7.9 - Buffer Overflow
Folder Lock 7.7.9 contains a buffer overflow vulnerability in the serial number registration field that allows local attackers to crash the application by submitting an oversized payload. Attackers can paste a 6000-byte buffer of arbitrary data into the 'Serial Number and Registration Key' field to trigger a denial of service condition.
CVSS 6.2
CVE-2020-37213 EXPLOITDB HIGH python WORKING POC
TextCrawler Pro 3.1.1 - DoS
TextCrawler Pro 3.1.1 contains a denial of service vulnerability that allows attackers to crash the application by sending an oversized buffer in the license key field. Attackers can generate a 6000-byte payload and paste it into the activation field to trigger an application crash.
CVSS 7.5
CVE-2020-37198 EXPLOITDB HIGH python WORKING POC
Duplicate Cleaner Pro 4.1.3 - DoS
Duplicate Cleaner Pro 4.1.3 contains a denial of service vulnerability that allows attackers to crash the application by injecting an oversized buffer into the license key field. Attackers can generate a 6000-byte payload and paste it into the license activation field to trigger an application crash.
CVSS 7.5
CVE-2021-47798 EXPLOITDB CRITICAL python WORKING POC
NoteBurner 2.35 - Buffer Overflow
NoteBurner 2.35 contains a buffer overflow vulnerability in the license code input field that allows attackers to crash the application. Attackers can generate a 6000-byte payload and paste it into the 'Name' and 'Code' fields to trigger an application crash.
CVSS 9.8
CVE-2021-47797 EXPLOITDB HIGH python WORKING POC
Leawo Prof. Media 11.0.0.1 - DoS
Leawo Prof. Media 11.0.0.1 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized payload in the activation keycode field. Attackers can generate a 6000-byte buffer of repeated characters to trigger an application crash when pasted into the registration interface.
CVSS 7.5