LanSpy 2.0.1.159 Local Buffer Overflow Flaws Enable Potential Code Execution
Two high-severity vulnerabilities, CVE-2018-25265 and CVE-2018-25268, were documented for LanSpy 2.0.1.159, affecting the application's scan functionality and exposing users to local buffer overflow attacks. The flaws were classified as CWE-787 and can let an attacker trigger memory corruption by supplying oversized input in the scan section or scan field, causing application crashes and creating a path to arbitrary code execution.
The published details indicate that CVE-2018-25265 can be exploited through structured exception handling (SEH), including egghunter-based shellcode discovery and controlled jumps, while CVE-2018-25268 allows instruction pointer overwrite with a payload consisting of 688 bytes of padding followed by 4 bytes of attacker-controlled data. Both entries were assigned high-impact CVSS v3.1 and CVSS v4.0 severity metrics, and the records reference material from LizardSystems, Exploit-DB, and VulnCheck.
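The CWE-787 pattern behind an oversized-input overwrite like this one, next to a length-checked form, as an added example that is not LanSpy code or code from the CVE records. `SCAN_FIELD_MAX`, `set_scan_target` and the buffer layout are hypothetical; the 688-byte size only mirrors the padding figure quoted above.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical size mirroring the 688 bytes of padding cited for
   CVE-2018-25268; LanSpy's real buffer layout is not on this page. */
#define SCAN_FIELD_MAX 688

enum scan_status { SCAN_OK = 0, SCAN_TOO_LONG = -1, SCAN_BAD_ARG = -2 };

/* Unsafe pattern (CWE-787), shown for contrast and never called here:
   strcpy() keeps writing past dst when src is longer than the buffer. */
void set_scan_target_unsafe(char dst[SCAN_FIELD_MAX], const char *src)
{
    strcpy(dst, src);
}

/* Hardened form: measure the input against the destination first and
   reject oversized input instead of truncating or overflowing. */
enum scan_status set_scan_target(char *dst, size_t dst_size,
                                 const char *src, size_t src_len)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return SCAN_BAD_ARG;

    /* Bounded search for the terminator: never read past src_len bytes. */
    const char *nul = memchr(src, '\0', src_len);
    size_t n = nul ? (size_t)(nul - src) : src_len;

    if (n >= dst_size) {          /* no room for the data plus its NUL */
        dst[0] = '\0';
        return SCAN_TOO_LONG;
    }
    memcpy(dst, src, n);
    dst[n] = '\0';
    return SCAN_OK;
}

int main(void)
{
    char field[SCAN_FIELD_MAX];
    char input[692];              /* constructed sample: 688 + 4 bytes */
    memset(input, 'A', sizeof input);

    enum scan_status st = set_scan_target(field, sizeof field,
                                          input, sizeof input);
    printf("692-byte input: %s\n",
           st == SCAN_TOO_LONG ? "rejected" : "accepted");
    return st == SCAN_TOO_LONG ? 0 : 1;
}
```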
Timeline
Apr 22, 2026
Vulnerability metadata and references are published for both LanSpy flaws
The CVE records were published with CWE-787 classification, CVSS v3.1 and v4.0 severity vectors, and references to LizardSystems, Exploit-DB, and VulnCheck. The disclosures document technical exploitation details such as SEH abuse, egghunter-based shellcode discovery, and instruction-pointer overwrite via oversized input.
Apr 22, 2026
LanSpy local buffer overflow vulnerabilities receive CVE entries
Two local buffer overflow flaws affecting LanSpy 2.0.1.159, later tracked as CVE-2018-25265 and CVE-2018-25268, were received by disclosure@vulncheck.com. The entries describe memory corruption in the scan functionality that could allow crashes and possible arbitrary code execution.
Related Stories

SEH Buffer Overflows in AIDA64 Enable Local Arbitrary Code Execution
Two high-severity vulnerabilities, **CVE-2019-25629** and **CVE-2019-25631**, affect **AIDA64 5.99.4900** products and can lead to local arbitrary code execution through structured exception handler (**SEH**) buffer overflows. The flaws were reported for **AIDA64 Extreme** and **AIDA64 Business**, respectively, and both are classified as **CWE-787** with a **CVSS v3.1** score vector of `AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H`, indicating high impact across confidentiality, integrity, and availability. In **CVE-2019-25629**, an attacker can abuse the Hardware Monitoring logging feature in AIDA64 Extreme by supplying a malicious **CSV log file path**, triggering shellcode execution when the application processes that path. In **CVE-2019-25631**, AIDA64 Business is vulnerable through the **SMTP display name** field in preferences or the report wizard, where an attacker can overwrite SEH pointers and use **egg hunter shellcode** to gain code execution. Public references for both issues include vendor pages, **Exploit-DB** listings, and **VulnCheck** advisories.
1 month ago
Two High-Severity Buffer Overflow Flaws Disclosed in LinkingVision rapidvms
Two high-severity vulnerabilities, **CVE-2026-33848** and **CVE-2026-33849**, were disclosed in **LinkingVision rapidvms**, both classified as **CWE-119** improper restriction of operations within the bounds of a memory buffer. The flaws affect **rapidvms versions before `PR#96`** and carry the same **CVSS v3.1** vector, `AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H`, indicating network-reachable exploitation with low attack complexity, no required privileges, required user interaction, and potential for high impact across confidentiality, integrity, and availability. Both CVE records point to **GitHub pull request `#96`** in the `linkingvision/rapidvms` repository as the referenced fix or related remediation. Organizations running vulnerable rapidvms builds should review the changes in that pull request, identify any exposed instances, and prioritize upgrading or patching affected systems because successful exploitation could lead to severe compromise of the video management platform.
1 month ago
New CVEs Detail Stack Buffer Overflows in Flat Assembler and SC
Two newly recorded CVEs describe **stack-based buffer overflow** flaws that can lead to arbitrary code execution in legacy software components. **CVE-2017-20228** affects **Flat Assembler 1.71.21**, where oversized assembly input exceeding **5895 bytes** can overwrite the instruction pointer and enable **return-oriented programming (ROP)** for shell command execution. The issue is classified as **`CWE-787`** and carries high impact to confidentiality, integrity, and availability. A second entry, **CVE-2018-25222**, affects **SC v7.16** and similarly allows code execution through oversized input, in this case beyond **1052 bytes**, resulting in instruction pointer overwrite and shellcode execution in the application context. The vulnerability is also classified as **`CWE-787`**, with CVSS scoring indicating low attack complexity and severe impact, and both CVEs include references to **Exploit-DB** and **VulnCheck advisories**, signaling the availability of public technical details for defenders to review.
1 month ago