PT-2026-26899

Tomabo MP4 Converter 3.25.22 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can trigger a buffer overflow by pasting a large payload into the Name parameter when adding a preset i...

CVE-2023-53874

GOM Player 2.3.90.5360 contains a buffer overflow vulnerability in the equalizer preset name input field that allows attackers to crash the application. Attackers can overwrite the preset name with 260 'A' characters to trigger a buffer overflow and cause application instability...

CVE-2023-53874

GOM Player 2.3.90.5360 contains a buffer overflow vulnerability in the equalizer preset name input field that allows attackers to crash the application. Attackers can overwrite the preset name with 260 'A' characters to trigger a buffer overflow and cause application instability...

CVE-2023-53874 GOM Player 2.3.90.5360 Buffer Overflow via Equalizer Preset Name

GOM Player 2.3.90.5360 contains a buffer overflow vulnerability in the equalizer preset name input field that allows attackers to crash the application. Attackers can overwrite the preset name with 260 'A' characters to trigger a buffer overflow and cause application instability...

PT-2025-51292

Name of the Vulnerable Software and Affected Versions GOM Player version 2.3.90.5360 Description GOM Player version 2.3.90.5360 has a buffer overflow issue in the equalizer preset name input field. An attacker can cause the application to crash by providing an oversized input, specifically 260 'A...

Gomlab GOM Player 安全漏洞

Gomlab GOM Player is a multimedia player software from the Korean company Gomlab. A security vulnerability exists in Gomlab GOM Player version 2.3.90.5360, which originates from a buffer overflow in the Equalizer Preset Name input field and may cause the application to crash...

CVE-2023-48650

Concrete CMS before 8.5.14 and 9 before 9.2.3 is vulnerable to an admin adding a stored XSS payload via the Layout Preset name...

CVE-2023-48650

Concrete CMS before 8.5.14 and 9 before 9.2.3 is vulnerable to an admin adding a stored XSS payload via the Layout Preset name...

CVE-2023-48650

Concrete CMS before 8.5.14 and 9 before 9.2.3 is vulnerable to an admin adding a stored XSS payload via the Layout Preset name...

PT-2023-30871 · Unknown · Concrete Cms

Name of the Vulnerable Software and Affected Versions: Concrete CMS versions 8.5.13 and earlier Concrete CMS versions 9.0.0 through 9.2.2 Description: The issue allows an admin to add a stored XSS payload via the Layout Preset name, potentially affecting user interactions with the system...