22 matches found
CVE-2018-25368
Nord VPN 6.14.31 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting an excessively long string in the password field. Attackers can paste a buffer of repeated characters into the password input field to trigger an application...
CVE-2021-47973
Sticky Notes Widget 3.0.6 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload containing 350000 repeated characters and paste it twice into a new note to trigger ...
CVE-2021-47971
My Notes Safe 5.3 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload containing 350000 repeated characters and paste it twice into a new note to trigger an...
PT-2026-41457
Name of the Vulnerable Software and Affected Versions My Notes Safe version 5.3 Description A denial of service issue allows attackers to crash the application by pasting excessively long character strings into note fields. This is triggered when a payload containing 350,000 repeated characters i...
Astra Linux – Vulnerability in Mariadb 10.3
MariaDB Server versions 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 have an issue where the fixfieldsifneeded function under mysqlderivedprepare is called when the derived table is not yet prepared,...
CVE-2018-25229
BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the SMTP configuration interface that allows local attackers to crash the application by supplying an oversized string. Attackers can input a buffer of 257 'A' characters in the SMTP Server field and trigger a crash ...
CVE-2019-25339
GHIA CamIP 1.2 for iOS contains a denial of service vulnerability in the password input field that allows attackers to crash the application. Attackers can paste a 33-character buffer of repeated characters into the password field to trigger an application crash on iOS devices...
CVE-2020-37199
NBMonitor 1.6.6.0 contains a denial of service vulnerability in its registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash...
CVE-2020-37195 BlueAuditor 1.7.2.0 - 'Name' Denial of Service
BlueAuditor 1.7.2.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash...
CVE-2020-37187
SpotDialup 1.6.7 contains a denial-of-service vulnerability in the registration name input field. A 1000-character buffer payload pasted into the Name field can crash the application. Affected: SpotDialup 1.6.7; vulnerable component: Name/input handling. Root cause: excessively large input causin...
CVE-2020-37133 UltraVNC Launcher 1.2.4.0 - 'RepeaterHost' Denial of Service
UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in the Repeater Host configuration field that allows attackers to crash the application. Attackers can paste an overly long string of 300 characters into the Repeater Host property to trigger an application crash...
CVE-2021-47815
Nsauditor 3.2.3 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application. Attackers can paste a large buffer of 256 repeated characters into the 'Key' field to trigger an application crash...
PT-2026-3040
Name of the Vulnerable Software and Affected Versions AbsoluteTelnet version 11.24 Description The software contains a flaw that allows local attackers to cause a denial of service by manipulating the DialUp connection and license name fields. An attacker can craft a 1000-character payload and...
CVE-2020-36882
Flexsense DiskBoss 7.7.14 is affected by CVE-2020-36882. An unauthenticated attacker can upload arbitrary files through the Directory field in the /Command/Search Files/ API endpoint, causing a denial of service via application crash. The vulnerability is tied to the DiskBoss software (Flexsense)...
TencentOS Server 4: mariadb (TSSA-2025:0632)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0632 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
BIT-MYSQL-CLIENT-2023-52968
MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fixfieldsifneeded under mysqlderivedprepare when derived is not yet prepared, leading to a findfieldintable crash...
SUSE CVE-2023-52968
MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fixfieldsifneeded under mysqlderivedprepare when derived is not yet prepared, leading to a findfieldintable crash...
DEBIAN-CVE-2023-52968
MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fixfieldsifneeded under mysqlderivedprepare when derived is not yet prepared, leading to a findfieldintable crash...
CVE-2023-52968
MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fixfieldsifneeded under mysqlderivedprepare when derived is not yet prepared, leading to a findfieldintable crash...
CVE-2023-52968
MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fixfieldsifneeded under mysqlderivedprepare when derived is not yet prepared, leading to a findfieldintable crash...