CVE-2019-25591 DNSS Domain Name Search Software 2.1.8 Denial of Service

DNSS Domain Name Search Software 2.1.8 contains a buffer overflow vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively long string. Attackers can trigger a denial of service by pasting a malicious registration code...

PT-2026-20523

ipPulse 1.92 contains a denial of service vulnerability that allows local attackers to crash the application by providing an oversized input in the Enter Key field. Attackers can generate a 256-byte buffer of repeated 'A' characters to trigger an application crash when pasting the malicious conte...

CVE-2019-25339

GHIA CamIP 1.2 for iOS contains a denial of service vulnerability in the password input field that allows attackers to crash the application. Attackers can paste a 33-character buffer of repeated characters into the password field to trigger an application crash on iOS devices...

PT-2026-7939

SpotAuditor 5.3.2 contains a denial of service vulnerability in its Base64 decryption feature that allows attackers to crash the application by supplying an oversized buffer. Attackers can generate a malformed input file with 2000 repeated characters to trigger an application crash when pasted in...

CVE-2020-37203

Office Product Key Finder 1.5.4 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the registration code input. Attackers can create a specially crafted text file and paste it into the 'Name and Key' field to trigger an application crash...

CVE-2020-37188

SpotOutlook 1.2.6 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can overwrite the buffer by pasting 1000 'A' characters into the 'Name' field, causing the application to become unresponsive...

CVE-2020-37175

CVE-2020-37175 concerns P2PWIFICAM2 for iOS 10.4.1. The vulnerability is a denial of service caused by processing the Camera ID input field: pasting a 257-character buffer can crash the application on iOS devices. The available metrics show a CVSS v3.1 base score of 7.5 (HIGH, NETWORK attack vect...

EUVD-2020-30908

Audio Playback Recorder 3.2.2 contains a local buffer overflow vulnerability in the eject and registration parameters that allows attackers to execute arbitrary code. Attackers can craft malicious payloads and overwrite Structured Exception Handler SEH to execute shellcode when pasting specially...

PT-2026-5288

Audio Playback Recorder 3.2.2 contains a local buffer overflow vulnerability in the eject and registration parameters that allows attackers to execute arbitrary code. Attackers can craft malicious payloads and overwrite Structured Exception Handler SEH to execute shellcode when pasting specially...

CVE-2021-47827 WebSSH for iOS 14.16.10 - 'mashREPL' Denial of Service

WebSSH for iOS 14.16.10 contains a denial of service vulnerability in the mashREPL tool that allows attackers to crash the application by pasting malformed input. Attackers can trigger the vulnerability by copying a 300-character buffer of repeated 'A' characters into the mashREPL input field,...

CVE-2022-23474

Editor.js is a block-style editor with clean JSON output. Versions prior to 2.26.0 are vulnerable to Code Injection via pasted input. The processHTML method passes pasted input into wrapper’s innerHTML. This issue is patched in version 2.26.0...

Remote Code Execution

@editorjs/editorjs is vulnerable to remote code execution. An attacker is able to upload and execute malicious code on the system via pasted input into wrapper's innerHTML method...

Editor.js 跨站脚本漏洞

Editor.js is a CodeX open source block style editor with clean JSON output. A cross-site scripting vulnerability exists in Editor.js versions prior to 2.26.0, which stems from easy code injection via pasted input, where the processHTML method passes pasted input to the innerHTML of the wrapper...

PT-2022-16015 · Editor.Js · Editor.Js

Name of the Vulnerable Software and Affected Versions: Editor.js versions prior to 2.26.0 Description: The issue concerns a code injection vulnerability via pasted input in Editor.js, a block-style editor. The processHTML method is vulnerable as it passes pasted input into the wrapper's innerHTML...