CVE-2026-6824 CP Plus 8 Ch. Network Video Recorder Cross-site Scripting

A stored cross-site scripting XSS vulnerability exists in certain 1xxx series NVR devices due to insufficient sanitization of user-supplied input in specific functional modules. Attackers can inject malicious scripts, which are then persistently stored on the device backend. When administrators o...

PT-2026-44969

A stored cross-site scripting XSS vulnerability exists in certain 1xxx series NVR devices due to insufficient sanitization of user-supplied input in specific functional modules. Attackers can inject malicious scripts, which are then persistently stored on the device backend. When administrators o...

CVE-2019-25544

Pidgin 2.13.0 contains a denial of service vulnerability that allows local attackers to crash the application by providing an excessively long username string during account creation. Attackers can input a buffer of 1000 characters in the username field and trigger a crash when joining a chat,...

CVE-2019-25546 NetAware 1.20 Share Name Denial of Service

NetAware 1.20 contains a buffer overflow vulnerability in the Share Name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can trigger a denial of service by pasting a 1000-byte buffer into the Share Name parameter when adding a new shar...

CVE-2019-25546 NetAware 1.20 Share Name Denial of Service

NetAware 1.20 contains a buffer overflow vulnerability in the Share Name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can trigger a denial of service by pasting a 1000-byte buffer into the Share Name parameter when adding a new shar...

LROO Rug Pull Detector: A Leakage-Resistant Framework Based on On-Chain and OSINT Signals

Smart contract-based ecosystems enable decentralized applications without trusted intermediaries, but their immutability and permissionless design also facilitate large-scale fraud. One of the most prevalent attacks is the rug pull, where project operators abruptly withdraw liquidity after...

CVE-2026-27821

GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in src/filters/dmxnhml.c. The value of the xmlHeaderEnd XML attribute is copied from att-value into szXmlHeaderEnd1000 using strcpy without any length...

CVE-2026-27821

GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in src/filters/dmxnhml.c. The value of the xmlHeaderEnd XML attribute is copied from att-value into szXmlHeaderEnd1000 using strcpy without any length...

CVE-2026-27821 GPAC NHML Demuxer (dmx_nhml.c) Vulnerable to Stack Buffer Overflow

GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in src/filters/dmxnhml.c. The value of the xmlHeaderEnd XML attribute is copied from att-value into szXmlHeaderEnd1000 using strcpy without any length...

PT-2026-22061

Name of the Vulnerable Software and Affected Versions GPAC versions up to and including 26.02.0 Description GPAC is an open-source multimedia framework. A stack buffer overflow occurs during NHML file parsing in src/filters/dmx nhml.c. The xmlHeaderEnd XML attribute’s value from att-value is copi...

CVE-2020-37206

ShareAlarmPro contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character buffer payload to trigger an application crash when pasted into the registration key field...

CVE-2020-37189

TaskCanvas 1.4.0 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the registration field to trigger an application crash...

CVE-2020-37187

SpotDialup 1.6.7 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash...

CVE-2020-37212 SpotMSN 2.4.6 - 'Name' Denial of Service

SpotMSN 2.4.6 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character payload and paste it into the 'Name' field to trigger an application crash...

CVE-2020-37209

SpotFTP 3.0.0.0 contains a denial-of-service vulnerability in the Name field during registration. A crafted 1000-character payload can crash the application, indicating a buffer handling issue in the input for the registration name. The CVSS metrics show mixed assessments: CVSS v3.1 vector AV:N/A...

CVE-2020-37202

CVE-2020-37202 affects NetworkSleuth 3.0.0.0 and is a denial-of-service vulnerability caused by an oversized registration key. A 1000-character buffer payload pasted into the registration key field can crash the application. The CVSS metrics indicate a network-accessible, low-attack-complexity vu...

CVE-2020-37200

NetShareWatcher 1.5.8.0 contains a buffer overflow vulnerability in the registration key input that allows attackers to crash the application by supplying oversized input. Attackers can generate a 1000-character payload and paste it into the registration key field to trigger an application crash...

CVE-2020-37199 NBMonitor 1.6.6.0 - 'Key' Denial of Service

NBMonitor 1.6.6.0 contains a denial of service vulnerability in its registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash...

CVE-2020-37197

CVE-2020-37197 affects the Dnss Domain Name Search Software. The vulnerability arises in the registration Name input field, where an attacker can supply a crafted 1000-character payload to trigger a crash, resulting in a Denial of Service . The NVD/NVD-derived data confirms the attack vector as n...

CVE-2020-37197 Dnss Domain Name Search Software - 'Name' Denial of Service

Dnss Domain Name Search Software contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character buffer payload and paste it into the registration name field to trigger an application crash...