124 matches found
CVE-2018-25240 Watchr 1.1.0.0 Denial of Service via Search
Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 8145 characters into the search bar and trigger a search operation to cause the...
CVE-2018-25239 Smart VPN 1.1.3.0 Denial of Service via Search
Smart VPN 1.1.3.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input through the search interface. Attackers can paste a buffer of 2100 characters into the top right search bar to trigger an unhandled exception that crashe...
CVE-2018-25240
Microsoft Watchr 1.1.0.0 is affected by a local denial-of-service vulnerability in its search feature: submitting an excessively long string (about 8,145 characters) can crash the application. The issue stems from input handling in the search function, enabling a local attacker to trigger a crash...
CVE-2018-25238
Microsoft VSCO 1.1.1.0 contains a local denial-of-service vulnerability where an attacker can crash the application by submitting an excessively long string in the search functionality. Specifically, pasting a 5,000-character buffer into the search bar and navigating back triggers the crash. No e...
CVE-2018-25238 VSCO 1.1.1.0 Denial of Service via Search
VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Attackers can paste a buffer of 5000 characters into the search bar and navigate back to trigger an application...
PT-2026-30359
Microsoft VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Attackers can paste a buffer of 5000 characters into the search bar and navigate back to trigger an...
7 Tik security vulnerability
7 Tik is an unofficial TikTok client developed by 7 Tik Company. Version 7 Tik 1.0.1.0 contains a security vulnerability. This vulnerability arises from the search function’s improper handling of extremely long input strings, which could allow attackers to cause the application to crash by...
PHPGurukul Vehicle Record Management System security vulnerability
PHPGurukul Vehicle Record Management System is a vehicle record management system developed by PHPGurukul Corporation. Version 1.0 of the PHPGurukul Vehicle Record Management System contains a security vulnerability. This vulnerability arises from improper sanitization of the Search parameter input i...
CVE-2019-25602 GSearch 1.0.1.0 Denial of Service via Search Input
GSearch 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting an excessively long string in the search bar. Attackers can paste a buffer of 2000 characters into the search field, click search, and select any result to trigger an...
CVE-2019-25602
GSearch 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting an excessively long string in the search bar. Attackers can paste a buffer of 2000 characters into the search field, click search, and select any result to trigger an...
EUVD-2019-19844
BlueStacks 4.80.0.1060 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to the search field. Attackers can paste a buffer of 100,000 'A' characters into the search field and trigger a search operation to cause the...
BlueStacks security vulnerability
BlueStacks is an Android emulator for Windows systems developed by the American company BlueStacks. Version 4.80.0.1060 of BlueStacks has a security vulnerability. This vulnerability stems from excessive input in the search field, which could allow local attackers to trigger the search operation...
BearShare Lite security vulnerability
BearShare Lite is a peer-to-peer file sharing software developed by the BearShare company. Version 5.2.5 of BearShare Lite contains a security vulnerability, which stems from a buffer overflow in the advanced search keyword input field, potentially allowing for the execution of arbitrary code...
CVE-2026-1183 HTML injection in multiple Botble products
HTML injection vulnerability in multiple Botble products such as TransP, Athena, Martfury, and Homzen, consisting of an HTML injection due to a lack of proper validation of user input by sending a request to '/search' using the 'q' parameter...
MiracleLinux 4 : sssd-1.13.3-60.AXS4, ding-libs-0.4.0-13.AXS4 (AXSA:2018-3221:01)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3221:01 advisory. sssd: unsanitized input when searching in local cache database (CVE-2017-12173). Tenable has extracted the preceding description block directly from the...
GESTSUP SQL injection vulnerability
GESTSUP is a software application from the French company GESTSUP. It is 100% web-based SUPport MANAGEMENT software that manages tickets and devices. A SQL injection vulnerability exists in GESTSUP 3.2.56 and prior versions, which arises from user-controlled search input in the search bar feature...
SUSE CVE-2025-68942
Gitea before 1.22.2 allows XSS because the search input box for creating tags and branches is v-html instead of v-text...
BIT-GITEA-2025-68942
Gitea before 1.22.2 allows XSS because the search input box for creating tags and branches is v-html instead of v-text...
GO-2025-4263 Gitea allows XSS because the search input box (for creating tags and branches) is v-html instead of v-text in code.gitea.io/gitea
Gitea allows XSS because the search input box for creating tags and branches is v-html instead of v-text in code.gitea.io/gitea...
CVE-2025-68942
A flaw was found in Gitea. A remote attacker could exploit a Cross-Site Scripting (XSS) vulnerability by injecting malicious scripts into the search input box. This occurs because the application improperly uses v-html instead of v-text for rendering user input. Successful exploitation allows for t...