CVSS: 7.3EPSS: %CPEs: -EXPL: 0CVE-2025-55581
https://notcve.org/view.php?id=CVE-2025-55581
22 Aug 2025 — ., via UART or firmware modification) may replace these binaries to achieve persistent arbitrary code execution with root privileges. • https://www.dlink.com/en/security-bulletin • CWE-269: Improper Privilege Management CWE-306: Missing Authentication for Critical Function CWE-494: Download of Code Without Integrity Check •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 3CVE-2010-20122 – Xftp FTP Client <= 3.0 PWD Response Buffer Overflow
https://notcve.org/view.php?id=CVE-2010-20122
21 Aug 2025 — This results in memory corruption and allows remote attackers to execute arbitrary code on the client system. • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/xftp_client_pwd.rb • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 3CVE-2009-20003 – Xenorate <= 2.50 .xpl File Stack-Based Buffer Overflow
https://notcve.org/view.php?id=CVE-2009-20003
21 Aug 2025 — The application fails to properly validate the length of input data, allowing an attacker to craft a malicious .xpl file that overwrites the Structured Exception Handler (SEH) and enables arbitrary code execution. • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/xenorate_xpl_bof.rb • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 3CVE-2010-20115 – Vermillion FTP <= 1.31 Daemon PORT Command Memory Corruption
https://notcve.org/view.php?id=CVE-2010-20115
21 Aug 2025 — The flaw arises from an out-of-bounds array access during input parsing, allowing an attacker to manipulate stack memory and potentially execute arbitrary code. Exploitation requires direct access to the FTP service and is constrained by a single execution attempt if the daemon is installed as a Windows service. • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/vermillion_ftpd_port.rb • CWE-704: Incorrect Type Conversion or Cast CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2010-20114 – VariCAD EN <= 2010-2.05 .dwb File Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2010-20114
21 Aug 2025 — This flaw can be exploited locally by convincing a user to open a malicious file, resulting in arbitrary code execution. • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/varicad_dwb.rb • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 4CVE-2010-20123 – Steinberg MyMP3Player <= 3.0.0.67 Buffer Overflow
https://notcve.org/view.php?id=CVE-2010-20123
21 Aug 2025 — The application fails to properly validate the length of input data within the playlist, allowing a specially crafted file to overwrite critical memory structures and execute arbitrary code. • https://www.exploit-db.com/exploits/11791 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 3CVE-2010-20007 – Seagull FTP v3.3 Build 409 Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2010-20007
21 Aug 2025 — This may allow remote attackers to execute arbitrary code on the client system. • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/seagull_list_reply.rb • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 4CVE-2009-20002 – Millenium MP3 Studio <= 2.0 .pls File Stack-Based Buffer Overflow
https://notcve.org/view.php?id=CVE-2009-20002
21 Aug 2025 — The application fails to properly validate the length of the File1 field within the playlist, allowing an attacker to craft a malicious .pls file that overwrites the Structured Exception Handler (SEH) and executes arbitrary code. Exploitation requires the victim to open the file locally, though remote execution may be possible if the .pls extension is registered to the application and opened via a browser. • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/millenium_mp3_pls.rb • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2010-20120 – Maple <= v13 Maplet File Creation and Command Execution
https://notcve.org/view.php?id=CVE-2010-20120
21 Aug 2025 — This behavior bypasses standard security restrictions that normally prevent code execution in regular Maple worksheets. The vulnerability enables attackers to craft malicious .maplet files that execute arbitrary code without user interaction. • https://www.vulncheck.com/advisories/maple-maplet-file-creation-command-execution • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 3CVE-2010-20034 – Gekko Manager FTP Client <= 0.77 Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2010-20034
21 Aug 2025 — A crafted response containing an overly long filename can overwrite the Structured Exception Handler (SEH), potentially allowing remote code execution. • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/gekkomgr_list_reply.rb • CWE-121: Stack-based Buffer Overflow •