22 matches found
CVE-2026-31708
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB read in smb2ioctlqueryinfo QUERYINFO path smb2ioctlqueryinfo has two response-copy branches: PASSTHRUFSCTL and the default QUERYINFO path. The QUERYINFO branch clamps qi.inputbufferlength to the server-report...
EUVD-2026-26517
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB read in smb2ioctlqueryinfo QUERYINFO path smb2ioctlqueryinfo has two response-copy branches: PASSTHRUFSCTL and the default QUERYINFO path. The QUERYINFO branch clamps qi.inputbufferlength to the server-report...
HTTPS Fetch, DNS TXT Record Payload Download and Execution
Fetch and execute an x86 payload from an HTTPS server. Performs a TXT query against a series of DNS records and executes the returned x86 shellcode. The DNSZONE option is used as the base name to iterate over. The payload will first request the TXT contents of the a hostname, followed by b, then ...
CVE-2020-37204
RemShutdown 2.9.0.0 contains a denial of service vulnerability in its registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the registration key field to trigger an application crash...
CVE-2020-37199
NBMonitor 1.6.6.0 contains a denial of service vulnerability in its registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash...
CVE-2020-37210 SpotIE 2.9.5 - 'Key' Denial of Service
SpotIE 2.9.5 contains a denial of service vulnerability in the registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash...
CVE-2020-37209 SpotFTP FTP Password Recovery 3.0.0.0 - 'Name' Denial of Service
SpotFTP 3.0.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash...
CVE-2020-37207 SpotDialup 1.6.7 - 'Key' Denial of Service
SpotDialup 1.6.7 contains a denial of service vulnerability in the registration key input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash...
CVE-2020-37207 SpotDialup 1.6.7 - 'Key' Denial of Service
SpotDialup 1.6.7 contains a denial of service vulnerability in the registration key input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash...
CVE-2020-37204
RemShutdown 2.9.0.0 contains a denial-of-service vulnerability in the registration key input. Attackers can paste a 1000-character payload into the registration key field to trigger an application crash, causing a local DoS. The provided metrics show CVSS v3.1 base score 7.5 (Network, Low complex...
CVE-2020-37202 NetworkSleuth 3.0.0.0 - 'Key' Denial of Service
NetworkSleuth 3.0.0.0 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character buffer payload and paste it into the registration key field to trigger an application crash...
CVE-2020-37196 Dnss Domain Name Search Software - 'Key' Denial of Service
Dnss Domain Name Search Software contains a denial of service vulnerability that allows attackers to crash the application by providing an oversized registration key. Attackers can generate a 1000-character buffer payload and paste it into the registration key field to trigger an application cras...
CVE-2020-37195 BlueAuditor 1.7.2.0 - 'Name' Denial of Service
BlueAuditor 1.7.2.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash...
CVE-2020-37195
Technical details beyond what is provided are not publicly available in the supplied documents. Monitor for updates to potential impacts, affected products, and remediations.
CVE-2020-37189
CVE-2020-37189 affects TaskCanvas 1.4.0. A denial-of-service vulnerability exists in the registration input handling: pasting a 1000-character buffer payload can crash the application. The issue is tied to the registration code input field, with the available references indicating a crash trigger...
CVE-2020-37187
SpotDialup 1.6.7 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash...
CVE-2020-37187
SpotDialup 1.6.7 contains a denial-of-service vulnerability in the registration name input field. A 1000-character buffer payload pasted into the Name field can crash the application. Affected: SpotDialup 1.6.7; vulnerable component: Name/input handling. Root cause: excessively large input causin...
PT-2026-7687
TaskCanvas 1.4.0 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the registration field to trigger an application crash...
PT-2026-7693
BlueAuditor 1.7.2.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash...
PT-2026-7704
ShareAlarmPro contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character buffer payload to trigger an application crash when pasted into the registration key field...