79 matches found
10-Strike Network Inventory Explorer 安全漏洞
10-Strike Network Inventory Explorer is a scanning software developed by 10-Strike Corporation. It is used to track hardware and software on network computers. Version 8.54 of 10-Strike Network Inventory Explorer contains a security vulnerability. This vulnerability stems from a stack-based buffe...
CVE-2018-25273
CrossFont 7.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by submitting an oversized payload in the License Key field. Attackers can generate a malicious file containing 4000 bytes of data, paste it into the License Key input field, and trigger an...
EUVD-2018-21796
RoboImport 1.2.0.72 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Attackers can paste a 6000-byte buffer into the Registration Name and Registration Key fields and click Register to trigger an...
EUVD-2018-21793
CrossFont 7.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by submitting an oversized payload in the License Key field. Attackers can generate a malicious file containing 4000 bytes of data, paste it into the License Key input field, and trigger an...
CVE-2018-25273
CrossFont 7.5 contains a local buffer overflow in the License Key field that can crash the application when processing an oversized payload. An attacker can craft a malicious file around 4000 bytes and input it into License Key to trigger the crash. Impact is limited to availability (crash) with ...
PT-2026-35246
RoboImport 1.2.0.72 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Attackers can paste a 6000-byte buffer into the Registration Name and Registration Key fields and click Register to trigger an...
CVE-2026-3995
The OPEN-BRAIN plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'API Key' settings field in all versions up to, and including, 0.5.0. This is due to insufficient input sanitization and output escaping. The plugin uses sanitizetextfield which strips HTML tags but does not...
PT-2026-33279
Name of the Vulnerable Software and Affected Versions OPEN-BRAIN plugin for WordPress versions prior to 0.5.1 Description Stored Cross-Site Scripting occurs via the 'API Key' settings field due to insufficient input sanitization and output escaping. The plugin utilizes the sanitize text field...
CVE-2019-25463
SpotIE Internet Explorer Password Recovery 2.9.5 contains a denial of service vulnerability in the registration key input field that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a 256-character payload into the Key field during...
CVE-2019-25591
DNSS Domain Name Search Software 2.1.8 contains a buffer overflow vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively long string. Attackers can trigger a denial of service by pasting a malicious registration code...
CVE-2019-25591
DNSS Domain Name Search Software 2.1.8 contains a buffer overflow vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively long string. Attackers can trigger a denial of service by pasting a malicious registration code...
CVE-2019-25591
DNSS Domain Name Search Software 2.1.8 contains a buffer overflow vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively long string. Attackers can trigger a denial of service by pasting a malicious registration code...
CVE-2019-25559 SpotPaltalk 1.1.5 Name/Key Field Denial of Service
SpotPaltalk 1.1.5 contains a denial of service vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively long string. Attackers can paste a buffer of 1000 characters into the Name/Key field during registration to trigger a...
PT-2026-26904
SpotPaltalk 1.1.5 contains a denial of service vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively long string. Attackers can paste a buffer of 1000 characters into the Name/Key field during registration to trigger a...
CVE-2019-25463
SpotIE Internet Explorer Password Recovery 2.9.5 contains a denial-of-service vulnerability in the registration key input field. Supplying an excessively long string (e.g., a 256-character payload) can trigger a buffer overflow and crash the application, enabling a local attacker with no privileg...
CVE-2019-25463 SpotIE Internet Explorer Password Recovery 2.9.5 Key Field DoS
SpotIE Internet Explorer Password Recovery 2.9.5 contains a denial of service vulnerability in the registration key input field that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a 256-character payload into the Key field during...
CVE-2019-25463 SpotIE Internet Explorer Password Recovery 2.9.5 Key Field DoS
SpotIE Internet Explorer Password Recovery 2.9.5 contains a denial of service vulnerability in the registration key input field that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a 256-character payload into the Key field during...
CVE-2019-25326
ipPulse 1.92 contains a denial of service vulnerability that allows local attackers to crash the application by providing an oversized input in the Enter Key field. Attackers can generate a 256-byte buffer of repeated 'A' characters to trigger an application crash when pasting the malicious conte...
CVE-2019-25326
ipPulse 1.92 contains a denial of service vulnerability that allows local attackers to crash the application by providing an oversized input in the Enter Key field. Attackers can generate a 256-byte buffer of repeated 'A' characters to trigger an application crash when pasting the malicious conte...
CVE-2019-25326
ipPulse 1.92 contains a local denial-of-service flaw triggered by an oversized input in the Enter Key field. A crafted 256-byte buffer of repeated 'A' characters can crash the application when pasted. The vulnerability requires local access and user action (paste) to exploit, with the issue descr...