CVE-2018-25242

One Search 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting excessively long input strings to the search functionality. Attackers can paste a buffer of 950 or more characters into the search bar to trigger an unhandled exception...

CVE-2018-25242 One Search 1.1.0.0 Denial of Service

One Search 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting excessively long input strings to the search functionality. Attackers can paste a buffer of 950 or more characters into the search bar to trigger an unhandled exception...

CVE-2018-25241 VPN Browser+ 1.1.0.0 Denial of Service

VPN Browser+ 1.1.0.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting oversized input through the search functionality. Attackers can paste a large buffer of characters into the search bar to trigger an unhandled exception tha...

CVE-2018-25240 Watchr 1.1.0.0 Denial of Service via Search

Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 8145 characters into the search bar and trigger a search operation to cause the...

CVE-2018-25240 Watchr 1.1.0.0 Denial of Service via Search

Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 8145 characters into the search bar and trigger a search operation to cause the...

Dell Data Lakehouse SQL注入漏洞

Dell Data Lakehouse is a fully integrated data platform from Dell, Inc. Dell Data Lakehouse versions 1.0.0.0 and 1.1.0.0 are vulnerable to a SQL injection vulnerability that stems from the inclusion of a SQL injection flaw that can be exploited by an unauthenticated attacker to cause an informati...

CODESYS 信任管理问题漏洞

CODESYS is a controller development system from 3S-Smart Software Solutions, Germany. A trust management issue vulnerability exists in CODESYS Git, which stems from the lack of certificate validation in the HTTPS handshake in affected CODESYS Git versions prior to V1.1.0.0. An attacker could...

SonicWall Switch 缓冲区错误漏洞

SonicWall Switch is a network device. A switch. A buffer overflow vulnerability exists in SonicWall Switch versions prior to 1.1.0.0-11s, which can be exploited by remote attackers to access potentially sensitive information or perform a denial of service DoS attack...

Watchr 1.1.0.0 - Denial of Service Exploit

Exploit Title: Watchr 1.1.0.0 - Denial of Service PoC Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://www.microsoft.com/store/productId/9PN12GNX62VZ Version: 1.1.0.0 Tested on: Windows 10 Proof of Concept: Run the python script, it will create a new file "watchr.txt" Co...

One Search 1.1.0.0 - Denial of Service Exploit

Exploit Title: One Search 1.1.0.0 - Denial of Service PoC Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://www.microsoft.com/store/productId/9PMR5QNS5LTL Version: 1.1.0.0 Tested on: Windows 10 Proof of Concept: Run the python script, it will create a new file "PoC.txt"...

One Search 1.1.0.0 - Denial of Service (PoC)

One Search 1.1.0.0 - Denial of Service PoC Exploit Title: One Search 1.1.0.0 - Denial of Service PoC Date: 1/18/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://www.microsoft.com/store/productId/9PMR5QNS5LTL Version: 1.1.0.0 Tested on: Windows 10 Proof of Concept: R...

sDNSProxy.exe Denial of Service Vulnerability

sDNSProxy.exe is a DNS proxy server. A denial of service vulnerability exists in sDNSProxy.exe version 1.1.0.0 and earlier. A remote attacker can exploit this vulnerability to cause a denial of service...