Local-Privilege-Escalation

Radare2 versions prior to 6.1.4 are vulnerable to a path traversal in project deletion, allowing local attackers to recursively delete arbitrary directories by escaping the 'dir.projects' root, leading to integrity and availability loss.

CVE-2026-32221 is a heap-based buffer overflow vulnerability in the Microsoft Graphics Component, allowing a local attacker to execute arbitrary code.

Easy Video to iPod Converter 1.6.20 is vulnerable to a local buffer overflow in the user registration field, allowing a local attacker to overwrite the structured exception handler (SEH) by providing a crafted payload exceeding 996 bytes in the username field, potentially leading to arbitrary code execution with user privileges.

A local attacker can exploit a vulnerability in Vim to execute arbitrary code on a vulnerable system.

Flat Assembler version 1.71.21 is susceptible to a stack-based buffer overflow vulnerability, allowing local attackers to achieve arbitrary code execution by providing a crafted, oversized input file.

PInfo version 0.6.9-5.1 is susceptible to a local buffer overflow vulnerability, enabling local attackers to execute arbitrary code by providing an overly large argument to the '-m' parameter, ultimately allowing for shellcode execution with user privileges.

TiEmu 3.03 is vulnerable to a buffer overflow in ROM parameter handling, enabling local attackers to crash the application or execute arbitrary code by providing an oversized ROM parameter via the command-line interface.

FlexHEX 2.71 is vulnerable to a local buffer overflow in the Stream Name field, allowing local attackers to execute arbitrary code via a structured exception handler (SEH) overflow.

Lavavo CD Ripper 4.20 is vulnerable to a structured exception handling (SEH) buffer overflow, allowing local attackers to execute arbitrary code by supplying a malicious string in the License Activation Name field leading to arbitrary code execution and a bind shell.

Admin Express 1.2.5.485 is susceptible to a local structured exception handling buffer overflow vulnerability, enabling local attackers to execute arbitrary code via a crafted payload in the Folder Path field of the System Compare feature.