CVE-2021-47973

Sticky Notes Widget 3.0.6 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload containing 350000 repeated characters and paste it twice into a new note to trigger ...

CVE-2021-47969 Color Notes 1.4 Denial of Service via Long Character String

Color Notes 1.4 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload containing 350,000 repeated characters and paste it twice into a new note to cause the...

PT-2026-41457

Name of the Vulnerable Software and Affected Versions My Notes Safe version 5.3 Description A denial of service issue allows attackers to crash the application by pasting excessively long character strings into note fields. This is triggered when a payload containing 350,000 repeated characters i...

BIT-LIBPHP-2026-7568 Signed integer overflow in metaphone()

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. If a string longer than 2,147,483,647 bytes is passed, a signed...

CVE-2018-25295

ObserverIP Scan Tool 1.4.0.1 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the IP input field. Attackers can paste a 2000-byte buffer of repeated characters into the IP field and trigger a search operati...

CVE-2018-25295 ObserverIP Scan Tool 1.4.0.1 Denial of Service via IP Field

ObserverIP Scan Tool 1.4.0.1 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the IP input field. Attackers can paste a 2000-byte buffer of repeated characters into the IP field and trigger a search operati...

CVE-2018-25295

ObserverIP Scan Tool 1.4.0.1 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the IP input field. Attackers can paste a 2000-byte buffer of repeated characters into the IP field and trigger a search operati...

CVE-2018-25292

CVE-2018-25292 affects Bome Restorator 1793. The vulnerability is a buffer overflow in the Name field that allows a local attacker to crash the application by pasting a payload exceeding ~4000 bytes, resulting in denial of service. The issue is triggered via a long input string in the Name input;...

CVE-2018-25291

CVE-2018-25291 affects Project64 2.3.2, where a buffer overflow in the Plugin Directory settings field can crash the application. An attacker can supply a long input (reported around a 6000-byte payload) through the Options > Settings > Directories interface, with the crash triggered when s...

CVE-2018-25288

StyleWriter 1.0 is affected by a buffer overflow in the Pattern to Find / Advice Message fields (Add Pattern dialog). A 6000-byte payload can be pasted to trigger a denial-of-service locally. The CVE details indicate a local attack vector with high impact on availability and no confidentiality/in...

Picajet RoboImport 安全漏洞

Picajet RoboImport is a tool developed by Picajet Corporation that supports automated data collection and web information scraping. Version 1.2.0.72 of Picajet RoboImport contains a security vulnerability. This vulnerability arises from the refusal to serve when submitting overly long input for t...

PixGPS 安全漏洞

PixGPS is an image geolocation marking tool developed by PixGPS Inc. Based on positioning technology. Version 1.1.8 of PixGPS contains a security vulnerability. This vulnerability arises from a buffer overflow when submitting excessively long strings in the folder path input field. This could all...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : polkit vulnerabilities (USN-8173-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8173-1 advisory. It was discovered that polkit incorrectly handled nested elements in XML policy files. If an administrator were tricked into installi...

USN-8173-1: polkit vulnerabilities

It was discovered that polkit incorrectly handled nested elements in XML policy files. If an administrator were tricked into installing a malicious policy file, a remote attacker could possibly use this issue to cause polkit to crash, resulting in a denial of service. CVE-2025-7519 Pavel Kohout...

CVE-2026-35201

Discount is an implementation of John Gruber's Markdown markup language in C. From 1.3.1.1 to before 2.2.7.4, a signed length truncation bug causes an out-of-bounds read in the default Markdown parse path. Inputs larger than INTMAX are truncated to a signed int before entering the native parser,...

CVE-2019-25659 ASPRunner Professional 6.0.766 Local Buffer Overflow DoS

ASPRunner Professional 6.0.766 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by supplying an excessively long project name. Attackers can paste 180 or more characters into the Project name field during project creation to trigger an application...

CVE-2019-25657

CVE-2019-25657 affects AnyBurn 4.3 x86. The vulnerability is a denial-of-service caused by an excessively long string in the image conversion function, which can crash the application if a large buffer is pasted into the source or destination image file fields and Convert Now is pressed. This is ...

EUVD-2018-21744

Microsoft 7 Tik 1.0.1.0 contains a denial of service vulnerability that allows attackers to crash the application by submitting excessively long input strings to the search functionality. Attackers can paste a buffer of 7700 characters into the search bar to trigger an application crash...

CVE-2018-25245

7 Tik 1.0.1.0 contains a denial of service vulnerability that allows attackers to crash the application by submitting excessively long input strings to the search functionality. Attackers can paste a buffer of 7700 characters into the search bar to trigger an application crash...

CVE-2018-25242

One Search 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting excessively long input strings to the search functionality. Attackers can paste a buffer of 950 or more characters into the search bar to trigger an unhandled exception...