CVE-2018-25273

CrossFont 7.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by submitting an oversized payload in the License Key field. Attackers can generate a malicious file containing 4000 bytes of data, paste it into the License Key input field, and trigger an...

EUVD-2018-21793

CrossFont 7.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by submitting an oversized payload in the License Key field. Attackers can generate a malicious file containing 4000 bytes of data, paste it into the License Key input field, and trigger an...

CVE-2018-25273

CrossFont 7.5 contains a local buffer overflow in the License Key field that can crash the application when processing an oversized payload. An attacker can craft a malicious file around 4000 bytes and input it into License Key to trigger the crash. Impact is limited to availability (crash) with ...

CVE-2020-37198

Duplicate Cleaner Pro 4.1.3 contains a denial of service vulnerability that allows attackers to crash the application by injecting an oversized buffer into the license key field. Attackers can generate a 6000-byte payload and paste it into the license activation field to trigger an application...

CVE-2020-37213

CVE-2020-37213 affects TextCrawler Pro 3.1.1. A denial-of-service vulnerability allows an attacker to crash the application by pasting an oversized 6000-byte payload into the activation/license key field, triggering a crash. Public references mention an exploit. The provided documents do not spec...

CVE-2020-37198

Duplicate Cleaner Pro 4.1.3 contains a denial of service vulnerability that allows attackers to crash the application by injecting an oversized buffer into the license key field. Attackers can generate a 6000-byte payload and paste it into the license activation field to trigger an application...

PT-2026-7711

TextCrawler Pro 3.1.1 contains a denial of service vulnerability that allows attackers to crash the application by sending an oversized buffer in the license key field. Attackers can generate a 6000-byte payload and paste it into the activation field to trigger an application crash...

DigitalVolcano Duplicate Cleaner Pro 安全漏洞

DigitalVolcano Duplicate Cleaner Pro is a duplicate file cleaning tool developed by the British company DigitalVolcano. Version 4.1.3 of DigitalVolcano Duplicate Cleaner Pro contains a security vulnerability caused by a buffer overflow in the license key field, which may lead to the application...

CVE-2024-4661

The WP Reset plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveajax function in all versions up to, and including, 2.02. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify the val...

CVE-2016-10953

The Headway theme before 3.8.9 for WordPress has XSS via the license key field...

CVE-2016-10953

The Headway theme before 3.8.9 for WordPress has XSS via the license key field...

PT-2019-7746 · Headway · Headway

Name of the Vulnerable Software and Affected Versions: Headway theme versions prior to 3.8.9 Description: The issue concerns a Cross-Site Scripting XSS flaw. This type of flaw occurs when an application includes user input in its output without proper validation or encoding, allowing an attacker ...