Lucene search
K

846 matches found

Positive Technologies
Positive Technologies
added 2026/04/26 12:0 a.m.6 views

PT-2026-35242

TransMac 12.2 contains a buffer overflow vulnerability in the license key input field that allows local attackers to crash the application by submitting an oversized string. Attackers can generate a payload file containing 4000 bytes of data, paste it into the License Key field, and trigger a...

6.9CVSS5.7AI score0.00156EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/26 12:0 a.m.12 views

Acute Systems Acute Systems CrossFont 安全漏洞

Acute Systems CrossFont is a tool developed by Acute Systems that allows for the conversion and management of font files between different operating systems. Version 7.5 of Acute Systems CrossFont contains a security vulnerability. This vulnerability stems from a buffer overflow in the License Ke...

6.9CVSS6AI score0.00126EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/26 12:0 a.m.10 views

Acute Systems TransMac 安全漏洞

Acute Systems TransMac is a tool software developed by Acute Systems that allows access and management of Mac disks and file systems on Windows systems. Version 12.2 of Acute Systems TransMac contains a security vulnerability. This vulnerability stems from a buffer overflow in the license key inp...

6.9CVSS6.1AI score0.00156EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/18 7:25 a.m.3 views

CVE-2026-1938 YayMail <= 4.3.2 - Missing Authorization to Authenticated (Shop Manager+) License Key Deletion via '/yaymail-license/v1/license/delete' Endpoint

The YayMail – WooCommerce Email Customizer plugin for WordPress is vulnerable to unauthorized license key deletion due to a missing authorization check on the /yaymail-license/v1/license/delete REST endpoint in versions up to, and including, 4.3.2. This makes it possible for authenticated...

5.3CVSS5.5AI score0.00307EPSS
Exploits0References4
CVE
CVE
added 2026/02/18 7:25 a.m.34 views

CVE-2026-1938

The YayMail – WooCommerce Email Customizer for WordPress is affected by CVE-2026-1938: versions up to 4.3.2 expose the REST endpoint /yaymail-license/v1/license/delete without proper authorization, enabling authenticated attackers (Shop Manager level and higher) to delete the plugin license key i...

5.3CVSS5.5AI score0.00307EPSS
Exploits0References4
Patchstack
Patchstack
added 2026/02/18 12:29 a.m.5 views

WordPress YayMail plugin <= 4.3.2 - Missing Authorization to Authenticated (Shop Manager+) License Key Deletion via '/yaymail-license/v1/license/delete' Endpoint vulnerability

Missing Authorization to Authenticated Shop Manager+ License Key Deletion via '/yaymail-license/v1/license/delete' Endpoint vulnerability discovered by whizzu in WordPress Plugin YayMail – WooCommerce Email Customizer versions = 4.3.2...

5.3CVSS5.5AI score0.00307EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.8 views

PT-2026-20294

The YayMail – WooCommerce Email Customizer plugin for WordPress is vulnerable to unauthorized license key deletion due to a missing authorization check on the /yaymail-license/v1/license/delete REST endpoint in versions up to, and including, 4.3.2. This makes it possible for authenticated...

5.3CVSS5.5AI score0.00307EPSS
Exploits0References5
NVD
NVD
added 2026/02/11 9:16 p.m.10 views

CVE-2020-37213

TextCrawler Pro 3.1.1 contains a denial of service vulnerability that allows attackers to crash the application by sending an oversized buffer in the license key field. Attackers can generate a 6000-byte payload and paste it into the activation field to trigger an application crash...

7.5CVSS0.00239EPSS
Exploits0References3
NVD
NVD
added 2026/02/11 9:16 p.m.10 views

CVE-2020-37198

Duplicate Cleaner Pro 4.1.3 contains a denial of service vulnerability that allows attackers to crash the application by injecting an oversized buffer into the license key field. Attackers can generate a 6000-byte payload and paste it into the license activation field to trigger an application...

7.5CVSS0.00394EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/11 8:37 p.m.4 views

CVE-2020-37213 TextCrawler Pro3.1.1 - Denial of Service

TextCrawler Pro 3.1.1 contains a denial of service vulnerability that allows attackers to crash the application by sending an oversized buffer in the license key field. Attackers can generate a 6000-byte payload and paste it into the activation field to trigger an application crash...

7.5CVSS5.8AI score0.00239EPSS
Exploits0References3
CVE
CVE
added 2026/02/11 8:37 p.m.10 views

CVE-2020-37213

CVE-2020-37213 affects TextCrawler Pro 3.1.1. A denial-of-service vulnerability allows an attacker to crash the application by pasting an oversized 6000-byte payload into the activation/license key field, triggering a crash. Public references mention an exploit. The provided documents do not spec...

7.5CVSS5.8AI score0.00239EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/11 8:37 p.m.24 views

CVE-2020-37198 Duplicate Cleaner Pro 4 - Denial of Service

Duplicate Cleaner Pro 4.1.3 contains a denial of service vulnerability that allows attackers to crash the application by injecting an oversized buffer into the license key field. Attackers can generate a 6000-byte payload and paste it into the license activation field to trigger an application...

7.5CVSS0.00394EPSS
Exploits0References3
CVE
CVE
added 2026/02/11 8:37 p.m.12 views

CVE-2020-37198

CVE-2020-37198 affects Duplicate Cleaner Pro 4.1.3. The vulnerability is a denial of service caused by injecting an oversized buffer into the license key field, with a demonstrated 6000-byte payload that can be pasted into the license activation field to crash the application. Public sources in c...

7.5CVSS5.8AI score0.00394EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/11 8:37 p.m.4 views

CVE-2020-37198 Duplicate Cleaner Pro 4 - Denial of Service

Duplicate Cleaner Pro 4.1.3 contains a denial of service vulnerability that allows attackers to crash the application by injecting an oversized buffer into the license key field. Attackers can generate a 6000-byte payload and paste it into the license activation field to trigger an application...

7.5CVSS5.8AI score0.00394EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/11 8:37 p.m.4 views

CVE-2020-37198

Duplicate Cleaner Pro 4.1.3 contains a denial of service vulnerability that allows attackers to crash the application by injecting an oversized buffer into the license key field. Attackers can generate a 6000-byte payload and paste it into the license activation field to trigger an application...

7.5CVSS5.8AI score0.00394EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.6 views

PT-2026-7711

TextCrawler Pro 3.1.1 contains a denial of service vulnerability that allows attackers to crash the application by sending an oversized buffer in the license key field. Attackers can generate a 6000-byte payload and paste it into the activation field to trigger an application crash...

7.5CVSS5.8AI score0.00239EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.6 views

DigitalVolcano Duplicate Cleaner Pro 安全漏洞

DigitalVolcano Duplicate Cleaner Pro is a duplicate file cleaning tool developed by the British company DigitalVolcano. Version 4.1.3 of DigitalVolcano Duplicate Cleaner Pro contains a security vulnerability caused by a buffer overflow in the license key field, which may lead to the application...

7.5CVSS6AI score0.00394EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.7 views

DigitalVolcano TextCrawler Pro 安全漏洞

DigitalVolcano TextCrawler Pro is a batch text search and replacement tool developed by the British company DigitalVolcano. Version 3.1.1 of DigitalVolcano TextCrawler Pro contains a security vulnerability caused by a buffer overflow in the license key field, which may lead to the application...

7.5CVSS6.1AI score0.00239EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.7 views

PT-2026-7696

Duplicate Cleaner Pro 4.1.3 contains a denial of service vulnerability that allows attackers to crash the application by injecting an oversized buffer into the license key field. Attackers can generate a 6000-byte payload and paste it into the license activation field to trigger an application...

7.5CVSS5.8AI score0.00394EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/05 1:22 p.m.5 views

CVE-2025-15508

The Magic Import Document Extractor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.4 via the getfrontendsettings function. This makes it possible for unauthenticated attackers to extract the site's magicimport.ai license key from the...

5.3CVSS5.5AI score0.00304EPSS
Exploits0References1
Rows per page
Query Builder