10240 matches found
CVE-2018-25288 StyleWriter 1.0 Denial of Service via Pattern Input
StyleWriter 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a 6000-byte payload into the Pattern to Find or Advice Message fields in the Add Pattern dialog to trigger a denial of service...
CVE-2018-25288
StyleWriter 1.0 is affected by a buffer overflow in the Pattern to Find / Advice Message fields (Add Pattern dialog). A 6000-byte payload can be pasted to trigger a denial-of-service locally. The CVE details indicate a local attack vector with high impact on availability and no confidentiality/in...
CVE-2018-25278 PicaJet FX 2.6.5 Denial of Service via Registration Fields
PicaJet FX 2.6.5 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Attackers can paste a 6000-byte buffer into the Registration Name and Registration Key fields via the Help menu's Register PicaJet...
EUVD-2018-21798
PicaJet FX 2.6.5 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Attackers can paste a 6000-byte buffer into the Registration Name and Registration Key fields via the Help menu's Register PicaJet...
CVE-2018-25278 PicaJet FX 2.6.5 Denial of Service via Registration Fields
PicaJet FX 2.6.5 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Attackers can paste a 6000-byte buffer into the Registration Name and Registration Key fields via the Help menu's Register PicaJet...
CVE-2018-25278
PicaJet FX 2.6.5 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Attackers can paste a 6000-byte buffer into the Registration Name and Registration Key fields via the Help menu's Register PicaJet...
CVE-2018-25278
PicaJet FX 2.6.5 is affected by a local denial-of-service in the Registration dialog. The issue occurs when an oversized input is submitted to the Registration Name and Registration Key fields (tested with a 6000-byte buffer via Help → Register PicaJet), which can crash the application. Public re...
CVE-2018-25276
RoboImport 1.2.0.72 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Attackers can paste a 6000-byte buffer into the Registration Name and Registration Key fields and click Register to trigger an...
CVE-2018-25276 RoboImport 1.2.0.72 Denial of Service via Registration Fields
RoboImport 1.2.0.72 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Attackers can paste a 6000-byte buffer into the Registration Name and Registration Key fields and click Register to trigger an...
CVE-2018-25276 RoboImport 1.2.0.72 Denial of Service via Registration Fields
RoboImport 1.2.0.72 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Attackers can paste a 6000-byte buffer into the Registration Name and Registration Key fields and click Register to trigger an...
CVE-2018-25276
CVE-2018-25276 — RoboImport 1.2.0.72 DoS via Registration Fields . The description specifies a local denial-of-service vulnerability where submitting oversized input crashes the application. Specifically, a 6000-byte buffer pasted into the Registration Name and Registration Key fields and then cl...
PT-2026-35267
Wansview 1.0.2 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input strings. Attackers can inject 2000-byte payloads into the Camera name and DID number fields during camera addition to trigger application crashes...
Picajet PicaJet FX 安全漏洞
Picajet PicaJet FX is a image management software developed by Picajet Corporation, designed for photo browsing, management, and organization. Version 2.6.5 of Picajet PicaJet FX contains a security vulnerability. This vulnerability arises from the possibility of denial-of-service attacks when...
Picajet RoboImport 安全漏洞
Picajet RoboImport is a tool developed by Picajet Corporation that supports automated data collection and web information scraping. Version 1.2.0.72 of Picajet RoboImport contains a security vulnerability. This vulnerability arises from the refusal to serve when submitting overly long input for t...
SUSE CVE-2026-31624
In the Linux kernel, the following vulnerability has been resolved: HID: core: clamp reportsize in s32ton to avoid undefined shift s32ton shifts by n-1 where n is the field's reportsize, a value that comes directly from a HID device. The HID parser bounds reportsize only to 32 clamp to the functi...
GHSA-F5C8-M5VW-RMGQ nova-toggle-5: Improper authorization on toggle endpoint allowed non-Nova users to modify boolean fields
Impact In versions middleware. Any user authenticated on the configured guard could call the endpoint and flip boolean attributes on any Nova resource — including users who do not have access to Nova itself for example, frontend customers sharing the web guard with the Nova admin area. The endpoi...
nova-toggle-5: Improper authorization on toggle endpoint allowed non-Nova users to modify boolean fields
Impact In versions middleware. Any user authenticated on the configured guard could call the endpoint and flip boolean attributes on any Nova resource — including users who do not have access to Nova itself for example, frontend customers sharing the web guard with the Nova admin area. The endpoi...
CVE-2026-4313
AdaptiveGRC is vulnerable to Stored XSS via text type fields across the forms. Authenticated attacker can replace the value of the text field in the HTTP POST request. Improper parameter validation by the server results in arbitrary JavaScript execution in the victim's browser. Critically, this...
CVE-2026-4313
CVE-2026-4313 affects AdaptiveGRC. The issue is a stored XSS vulnerability in text-type fields across forms, where an authenticated attacker can replace a field value in an HTTP POST request. The server’s improper parameter validation can lead to arbitrary JavaScript execution in the victim’s bro...
CVE-2026-4313 Stored XSS in AdaptiveGRC
AdaptiveGRC is vulnerable to Stored XSS via text type fields across the forms. Authenticated attacker can replace the value of the text field in the HTTP POST request. Improper parameter validation by the server results in arbitrary JavaScript execution in the victim's browser. Critically, this...