Dino Covotsos

23 exploits Active since May 2019
CVE-2019-25689 EXPLOITDB HIGH python WORKING POC
HTML5 Video Player 1.2.5 Local Buffer Overflow Non-SEH
HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized key code string. Attackers can craft a malicious payload exceeding 997 bytes and paste it into the KEY CODE field in the Help Register dialog to trigger code execution and spawn a calculator process.
CVSS 8.4
CVE-2019-25695 EXPLOITDB HIGH python WORKING POC
R 3.4.4 Local Buffer Overflow Windows XP SP3
R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences language field. Attackers can craft a payload with a 292-byte offset and JMP ESP instruction to execute commands like calc.exe when the payload is pasted into the Language for menus and messages field.
CVSS 8.4
CVE-2019-25657 EXPLOITDB MEDIUM python WORKING POC
AnyBurn 4.3 x86 Denial of Service via Image Conversion
AnyBurn 4.3 x86 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string to the image conversion function. Attackers can paste a large buffer into the source or destination image file fields and click Convert Now to trigger a crash.
CVSS 5.5
CVE-2019-25656 EXPLOITDB HIGH python WORKING POC
R i386 3.5.0 Local Buffer Overflow SEH
R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler (SEH) overwrite by supplying malicious input. Attackers can craft a payload string in the 'Language for menus and messages' field to overwrite SEH records and achieve code execution with calculator or arbitrary shellcode.
CVSS 8.4
CVE-2019-25619 EXPLOITDB HIGH python WORKING POC
FTP Shell Server 6.83 Buffer Overflow via Account Name
FTP Shell Server 6.83 contains a buffer overflow vulnerability in the 'Account name to ban' field that allows local attackers to execute arbitrary code by supplying a crafted string. Attackers can inject shellcode through the account name parameter in the Manage FTP Accounts dialog to overwrite the return address and execute calc.exe or other commands.
CVSS 8.4
CVE-2019-25364 EXPLOITDB CRITICAL python WORKING POC
MailCarrier 2.51 - Buffer Overflow
MailCarrier 2.51 contains a buffer overflow vulnerability in the POP3 USER command that allows remote attackers to execute arbitrary code. Attackers can send a crafted oversized buffer to the POP3 service, overwriting memory and potentially gaining remote system access.
CVSS 9.8
EIP-2026-118747 EXPLOITDB python WORKING POC
MailCarrier 2.51 - POP3 'RETR' SEH Buffer Overflow
EIP-2026-118743 EXPLOITDB python WORKING POC
MailCarrier 2.51 - 'RCPT TO' Buffer Overflow
EIP-2026-118744 EXPLOITDB python WORKING POC
MailCarrier 2.51 - 'RCPT TO' Buffer Overflow
EIP-2026-118745 EXPLOITDB python WORKING POC
MailCarrier 2.51 - POP3 'LIST' SEH Buffer Overflow
EIP-2026-118746 EXPLOITDB python WORKING POC
MailCarrier 2.51 - POP3 'LIST' SEH Buffer Overflow
EIP-2026-118748 EXPLOITDB python WORKING POC
MailCarrier 2.51 - POP3 'RETR' SEH Buffer Overflow
EIP-2026-118749 EXPLOITDB python WORKING POC
MailCarrier 2.51 - POP3 'TOP' SEH Buffer Overflow
EIP-2026-118750 EXPLOITDB python WORKING POC
MailCarrier 2.51 - POP3 'TOP' SEH Buffer Overflow
EIP-2026-118751 EXPLOITDB python WORKING POC
MailCarrier 2.51 - POP3 'USER' Buffer Overflow
EIP-2026-118752 EXPLOITDB python WORKING POC
MailCarrier 2.51 - POP3 'USER' Buffer Overflow
EIP-2026-118040 EXPLOITDB python WORKING POC
UltraISO 9.7.1.3519 - 'Output FileName' Local Buffer Overflow (SEH)
EIP-2026-118041 EXPLOITDB python WORKING POC
UltraISO 9.7.1.3519 - 'Output FileName' Local Buffer Overflow (SEH)
EIP-2026-117395 EXPLOITDB python WORKING POC
LabF nfsAxe 3.7 Ping Client - 'Host IP' Buffer Overflow (Direct Ret)
EIP-2026-117394 EXPLOITDB python WORKING POC
LabF nfsAxe 3.7 Ping Client - 'Host IP' Buffer Overflow (Direct Ret)
EIP-2026-117221 EXPLOITDB python WORKING POC
FTPShell Server 6.83 - 'Virtual Path Mapping' Local Buffer
EIP-2026-117222 EXPLOITDB python WORKING POC
FTPShell Server 6.83 - 'Virtual Path Mapping' Local Buffer
CVE-2019-7181 EXPLOITDB HIGH python WORKING POC
myQNAPcloud Connect <1.3.3.0925 - Buffer Overflow
Buffer Overflow vulnerability in myQNAPcloud Connect 1.3.3.0925 and earlier could allow remote attackers to crash the program.
CVSS 7.5