10254 matches found
CVE-2019-25667 TaskInfo 8.2.0.280 Denial of Service Buffer Overflow
TaskInfo 8.2.0.280 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying oversized input to registration fields. Attackers can paste excessively long strings into the New User Name or New Serial Number textboxes in the Help menu's registration...
CVE-2019-25667
TaskInfo 8.2.0.280 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying oversized input to registration fields. Attackers can paste excessively long strings into the New User Name or New Serial Number textboxes in the Help menu's registration...
CVE-2019-25667
CVE-2019-25667 affects TaskInfo 8.2.0.280. The issue is a local buffer overflow in the registration dialog’s input fields, exploitable by pasting oversized strings into the New User Name or New Serial Number boxes. The consequence is a denial of service (application crash) with a high availabilit...
CVE-2019-25665 River Past Ringtone Converter 2.7.6.1601 Buffer Overflow DoS
River Past Ringtone Converter 2.7.6.1601 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying oversized input to activation fields. Attackers can paste 300 bytes of data into the Email textbox and Activation code textarea via the Help menu's...
CVE-2019-25658 a-Mac Address Change 5.4 Local Buffer Overflow DoS
a-Mac Address Change 5.4 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input to registration form fields. Attackers can paste 212 bytes of data into the 'Your Name', 'Your Company', or 'Register Code' fields and click th...
CVE-2019-25658
a-Mac Address Change 5.4 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input to registration form fields. Attackers can paste 212 bytes of data into the 'Your Name', 'Your Company', or 'Register Code' fields and click th...
CVE-2019-25658 a-Mac Address Change 5.4 Local Buffer Overflow DoS
a-Mac Address Change 5.4 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input to registration form fields. Attackers can paste 212 bytes of data into the 'Your Name', 'Your Company', or 'Register Code' fields and click th...
CVE-2019-25658
The CVE-2019-25658 entry concerns the a-Mac Address Change 5.4 application. The vulnerability is a local buffer overflow in the registration form handling code. Specifically, sending oversized input (212 bytes) into any of the fields—'Your Name', 'Your Company', or 'Register Code'—and clicking Re...
CVE-2018-25256
CVE-2018-25256 affects IP TOOLS 2.50, specifically the SNMP Scanner component. A local buffer overflow can be triggered by oversized input in the From Addr and To Addr fields, crashing the application when Start is clicked and causing a denial of service via an SEH overwrite. The description in t...
CVE-2026-3309
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.16.11. This is due to the plugin allowing user-supplied billing fie...
PT-2026-30474
River Past Ringtone Converter 2.7.6.1601 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying oversized input to activation fields. Attackers can paste 300 bytes of data into the Email textbox and Activation code textarea via the Help menu's...
PT-2026-30495
Pegasus CMS 1.0 contains a remote code execution vulnerability in the extra fields.php plugin that allows unauthenticated attackers to execute arbitrary commands by exploiting unsafe eval functionality. Attackers can send POST requests to the submit.php endpoint with malicious PHP code in the...
a-Mac Address Change 缓冲区错误漏洞
a-Mac Address Change is a network address modification tool developed by a-Mac Corporation. Version 5.4 of a-Mac Address Change contains a buffer overflow vulnerability. This vulnerability stems from local buffer overflows in the registration form fields, which could allow local attackers to caus...
PT-2026-30467
a-Mac Address Change 5.4 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input to registration form fields. Attackers can paste 212 bytes of data into the 'Your Name', 'Your Company', or 'Register Code' fields and click th...
CVE-2026-34947
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, staged user custom fields and username are exposed on public invite pages without email verification. This issue has been...
CVE-2016-20053
Redaxo CMS 5.2 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by tricking authenticated administrators into visiting malicious pages. Attackers can craft HTML forms targeting the users endpoint with hidden fields...
EUVD-2026-18997
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.16.11. This is due to the plugin allowing user-supplied billing fie...
CVE-2026-3309
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.16.11. This is due to the plugin allowing user-supplied billing fie...
CVE-2026-3309
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.16.11. This is due to the plugin allowing user-supplied billing fie...
CVE-2026-3309 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.16.11 - Unauthenticated Arbitrary Shortcode Execution via Checkout Billing Fields
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.16.11. This is due to the plugin allowing user-supplied billing fie...