
New CVEs Detail Stack Buffer Overflows in Flat Assembler and SC

Tags: proof-of-concept-release, endpoint-software-vulnerability

Updated March 28, 2026 at 01:07 PM. 2 sources.


Two newly recorded CVEs describe stack-based buffer overflow flaws that can lead to arbitrary code execution in legacy software components. CVE-2017-20228 affects Flat Assembler 1.71.21, where oversized assembly input exceeding 5895 bytes can overwrite the instruction pointer and enable return-oriented programming (ROP) for shell command execution. The issue is classified as CWE-787 and carries high impact to confidentiality, integrity, and availability.

A second entry, CVE-2018-25222, affects SC v7.16 and similarly allows code execution through oversized input, in this case beyond 1052 bytes, resulting in instruction pointer overwrite and shellcode execution in the application context. The vulnerability is also classified as CWE-787, with CVSS scoring indicating low attack complexity and severe impact. Both CVEs include references to Exploit-DB and VulnCheck advisories, signaling the availability of public technical details for defenders to review.

Timeline

  1. Mar 28, 2026

    CVE entries published for Flat Assembler and SC buffer overflows

    New CVE records were published documenting CVE-2017-20228 in Flat Assembler 1.71.21 and CVE-2018-25222 in SC v7.16, with CWE-787 classification and high impact ratings. The entries included references to Exploit-DB and VulnCheck advisories, and the Flat Assembler entry also referenced the vendor site.

  2. Mar 28, 2026

    VulnCheck receives disclosure for CVE-2017-20228 and CVE-2018-25222

    VulnCheck received disclosures for two stack-based buffer overflow vulnerabilities on 2026-03-28: CVE-2017-20228 affecting Flat Assembler 1.71.21 and CVE-2018-25222 affecting SC v7.16. Both flaws were described as enabling arbitrary code execution via oversized input that overwrites the instruction pointer.


Related Stories

LanSpy 2.0.1.159 Local Buffer Overflow Flaws Enable Potential Code Execution

Two high-severity vulnerabilities, `CVE-2018-25265` and `CVE-2018-25268`, were documented for **LanSpy 2.0.1.159**, affecting the application's scan functionality and exposing users to local buffer overflow attacks. The flaws were classified as `CWE-787` and can let an attacker trigger memory corruption by supplying oversized input in the scan section or scan field, causing application crashes and creating a path to arbitrary code execution. The published details indicate that `CVE-2018-25265` can be exploited through structured exception handling (SEH), including egghunter-based shellcode discovery and controlled jumps, while `CVE-2018-25268` allows instruction pointer overwrite with a payload consisting of 688 bytes of padding followed by 4 bytes of attacker-controlled data. Both entries were assigned high-impact CVSS v3.1 and CVSS v4.0 severity metrics, and the records reference material from **LizardSystems**, **Exploit-DB**, and **VulnCheck**.

1 week ago

SEH Buffer Overflows in AIDA64 Enable Local Arbitrary Code Execution

Two high-severity vulnerabilities, **CVE-2019-25629** and **CVE-2019-25631**, affect **AIDA64 5.99.4900** products and can lead to local arbitrary code execution through structured exception handler (**SEH**) buffer overflows. The flaws were reported for **AIDA64 Extreme** and **AIDA64 Business**, respectively, and both are classified as **CWE-787** with a **CVSS v3.1** score vector of `AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H`, indicating high impact across confidentiality, integrity, and availability. In **CVE-2019-25629**, an attacker can abuse the Hardware Monitoring logging feature in AIDA64 Extreme by supplying a malicious **CSV log file path**, triggering shellcode execution when the application processes that path. In **CVE-2019-25631**, AIDA64 Business is vulnerable through the **SMTP display name** field in preferences or the report wizard, where an attacker can overwrite SEH pointers and use **egg hunter shellcode** to gain code execution. Public references for both issues include vendor pages, **Exploit-DB** listings, and **VulnCheck** advisories.

1 month ago

Local Code Execution Flaws Disclosed in PDF Explorer and RGui

Two newly cataloged CVEs detail local code execution vulnerabilities in Windows desktop applications **PDF Explorer 1.5.66.2** and **RGui 3.5.0**. **CVE-2018-25217** affects PDF Explorer through a structured exception handler (SEH) overflow in the application's **Custom fields settings** dialog, where malicious data placed in the **Label** field can overwrite SEH records and enable arbitrary code execution. The issue is mapped to `CWE-787` and was published with CVSS v4.0 and v3.1 scoring, alongside references to Exploit-DB, RTT Software, a trial installer, and a VulnCheck advisory. **CVE-2018-25258** affects RGui 3.5.0 through a stack-based buffer overflow in the **GUI preferences** dialog, specifically the **Language for menus and messages** field. The disclosure says an attacker can use SEH-based exploitation to bypass DEP, run a ROP chain that calls `VirtualAlloc`, and achieve arbitrary code execution on the local system. The entry was published with CVSS v4.0 and v3.1 vectors and references to the affected R 3.5.0 Windows binary, Exploit-DB, the R Project website, and a VulnCheck advisory.

3 weeks ago
