163 matches found
Astra Linux - уязвимость в python-django
A issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was susceptible to a denial-of-service attack when used with very long strings...
CVE-2021-47973 Sticky Notes Widget 3.0.6 Denial of Service via Buffer Overflow
Sticky Notes Widget 3.0.6 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload containing 350000 repeated characters and paste it twice into a new note to trigger ...
CVE-2021-47971 My Notes Safe 5.3 Denial of Service via Buffer Overflow
My Notes Safe 5.3 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload containing 350000 repeated characters and paste it twice into a new note to trigger an...
CVE-2021-47972 Sticky Notes & Color Widgets 1.4.2 Denial of Service
Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can paste large payloads of repeated characters into note fields to trigger application crashes and mak...
CVE-2021-47972
The CVE-2021-47972 entry affects Sticky Notes & Color Widgets 1.4.2 and describes a denial-of-service: attackers can crash the application by pasting excessively long character strings into note fields, causing crashes and unresponsiveness. The connected documents confirm the affected product/ver...
CVE-2021-47972 Sticky Notes & Color Widgets 1.4.2 Denial of Service
Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can paste large payloads of repeated characters into note fields to trigger application crashes and mak...
CVE-2021-47969 Color Notes 1.4 Denial of Service via Long Character String
Color Notes 1.4 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload containing 350,000 repeated characters and paste it twice into a new note to cause the...
CVE-2021-47969
CVE-2021-47969 affects Color Notes 1.4. The vulnerability is a denial of service caused by pasting excessively long character strings into note fields, e.g., a payload of about 350,000 repeated characters pasted twice can make the application stop responding. The available data describe the impac...
Social & Mobile Color Notes 安全漏洞
Social & Mobile Color Notes is a note application developed by Social & Mobile that supports text recording, task management, and color categorization. Version 1.4 of Social & Mobile Color Notes contains a security vulnerability. This vulnerability stems from a denial-of-service issue, which coul...
CVE-2026-7568 Signed integer overflow in metaphone()
In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. If a string longer than 2,147,483,647 bytes is passed, a signed...
CVE-2026-7568
CVE-2026-7568 concerns a signed integer overflow in PHP’s metaphone() implementation (ext/standard/metaphone.c). In affected releases (PHP 8.2.x before 8.2.31, 8.3.x before 8.3.31, 8.4.x before 8.4.21, and 8.5.x before 8.5.6), the function uses a signed int to track the current input position. If...
PHP 缓冲区错误漏洞
PHP is an open-source scripting language executed on the server side. Versions of PHP prior to 8.2.31, 8.3.31, 8.4.21, and 8.5.6 contained a buffer error vulnerability. This vulnerability stemmed from the use of the metaphone function, which used signed integer variables to track the current...
Astra Linux – Vulnerability in Python-Django
A issue was discovered in Django 5.0, prior to versions 5.0.7 and 4.2, prior to version 4.2.14. The getsupportedlanguagevariant function was vulnerable to a denial-of-service attack when used with very long strings containing specific characters...
CLSA-2026-1777322146 jq: Fix of CVE-2026-32316
CVE-2026-32316: fix heap buffer overflow in jvpstringappend and jvpstringcopyreplacebad caused by uint32t overflow in size calculations for strings exceeding INTMAX bytes...
CVE-2025-50671
CVE-2025-50671 describes a buffer overflow in D-Link DI-8003 firmware (16.07.26A1) caused by improper bounds checking in the /xwgl_ref.asp endpoint. An attacker can trigger by sending crafted HTTP GET requests with excessively long values for parameters such as name, en, user_id, shibie_name, tim...
Watchr 安全漏洞
Watchr is a video recording application developed by Watchr Inc. Version 1.1.0.0 of Watchr contains a security vulnerability. This vulnerability arises from the search function’s improper handling of excessively long strings, which may allow local attackers to cause the application to crash by...
FastTube 安全漏洞
FastTube is a third-party client provided by FastTube Corporation for watching YouTube videos. Version 1.0.1.0 of FastTube contains a security vulnerability. This vulnerability stems from the search function’s improper handling of overly long strings, which may allow local attackers to cause the...
EUVD-2019-20047
Device Monitoring Studio 8.10.00.8925 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string to the server connection dialog. Attackers can trigger the crash by entering a malformed server name or address containing...
BulletProof FTP Server 安全漏洞
BulletProof FTP Server is an FTP server software developed by BulletProof Corporation. Version 2019.0.0.50 of BulletProof FTP Server contains a security vulnerability. This vulnerability stems from a denial-of-service vulnerability in the SMTP configuration interface, which could allow local...
SmartFTP Client 安全漏洞
SmartFTP Client is a graphical file transfer client software developed by SmartFTP Corporation. Version 9.0.2615.0 of SmartFTP Client contains a security vulnerability. This vulnerability stems from a denial-of-service vulnerability in the host field, which could allow local attackers to cause th...