Aggregates CVE and security vulnerability intelligence across all aida64-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Disclosed issues often relate to vendor risk memory corruption and vendor risk buffer overflow; exposure may include vendor impact memory corruption and vendor impact application crash in vendor surface software deployment contexts.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2019-25633 | AIDA64 Extreme 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input through the email preferences and report wizard interfaces. Attackers can inject crafted payloads into the Display name field and Load from file parameter to trigger the overflow and execute shellcode with application privileges. | [email protected] | 8.6 | 0.01% | 2026-03-24 | 2026-03-26 |
| CVE-2019-25631 | AIDA64 Business 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH pointers with malicious shellcode. Attackers can inject egg hunter shellcode through the SMTP display name field in preferences or report wizard functionality to trigger the overflow and execute code with application privileges. | [email protected] | 8.6 | 0.01% | 2026-03-24 | 2026-03-27 |
| CVE-2019-25629 | AIDA64 Extreme 5.99.4900 contains a structured exception handler buffer overflow vulnerability in the logging functionality that allows local attackers to execute arbitrary code by supplying a malicious CSV log file path. Attackers can inject shellcode through the Hardware Monitoring logging preferences to overflow the buffer and trigger code execution when the application processes the log file path. | [email protected] | 8.6 | 0.01% | 2026-03-24 | 2026-03-27 |
| CVE-2019-25360 | Aida64 Engineer 6.10.5200 contains a buffer overflow vulnerability in the CSV logging configuration that allows attackers to execute malicious code by crafting a specially designed payload. Attackers can exploit the vulnerability by creating a malformed log file with carefully constructed SEH (Structured Exception Handler) overwrite techniques to achieve remote code execution. | [email protected] | 8.4 | 0.31% | 2026-02-18 | 2026-03-27 |
| CVE-2020-37140 | Everest, later referred to as AIDA64, 5.50.2100 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating file open functionality. Attackers can generate a 450-byte buffer of repeated characters and paste it into the file open dialog to trigger an application crash. | [email protected] | 4.6 | 0.01% | 2026-02-05 | 2026-03-27 |
| CVE-2020-19513 | Buffer overflow in FinalWire Ltd AIDA64 Engineer 6.00.5100 allows attackers to execute arbitrary code by creating a crafted input that will overwrite the SEH handler. | [email protected] | 7.8 | 0.14% | 2021-02-19 | 2026-03-30 |
| CVE-2019-7244 | An issue was discovered in kerneld.sys in AIDA64 before 5.99. The vulnerable driver exposes a wrmsr instruction via IOCTL 0x80112084 and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges. | [email protected] | 7.2 | 0.43% | 2020-03-25 | 2024-11-21 |