Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-25354

Summary
Assigner-VulnCheck
Assigner Org ID-83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At-18 Feb, 2026 | 21:55
Updated At-19 Feb, 2026 | 20:10
Rejected At-
Credits

iSmartViewPro 1.3.34 - Denial of Service

iSmartViewPro 1.3.34 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the camera ID input field. Attackers can paste a 257-character buffer into the camera DID and password fields to trigger an application crash on iOS devices.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:VulnCheck
Assigner Org ID:83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At:18 Feb, 2026 | 21:55
Updated At:19 Feb, 2026 | 20:10
Rejected At:
â–¼CVE Numbering Authority (CNA)
iSmartViewPro 1.3.34 - Denial of Service

iSmartViewPro 1.3.34 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the camera ID input field. Attackers can paste a 257-character buffer into the camera DID and password fields to trigger an application crash on iOS devices.

Affected Products
Vendor
Shenzhen Smarteye Digital Electronics Co., Ltd.
Product
iSmartViewPro
Versions
Affected
  • 1.3.34
Problem Types
TypeCWE IDDescription
CWECWE-120Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Type: CWE
CWE ID: CWE-120
Description: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Metrics
VersionBase scoreBase severityVector
4.04.6MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Version: 4.0
Base score: 4.6
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Ivan Marmolejo
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.exploit-db.com/exploits/47662
exploit
http://www.smarteyegroup.com/
product
https://apps.apple.com/mx/app/ismartviewpro/id834791071
product
https://www.vulncheck.com/advisories/ismartviewpro-denial-of-service
third-party-advisory
Hyperlink: https://www.exploit-db.com/exploits/47662
Resource:
exploit
Hyperlink: http://www.smarteyegroup.com/
Resource:
product
Hyperlink: https://apps.apple.com/mx/app/ismartviewpro/id834791071
Resource:
product
Hyperlink: https://www.vulncheck.com/advisories/ismartviewpro-denial-of-service
Resource:
third-party-advisory
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:disclosure@vulncheck.com
Published At:18 Feb, 2026 | 22:16
Updated At:19 Feb, 2026 | 15:53

iSmartViewPro 1.3.34 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the camera ID input field. Attackers can paste a 257-character buffer into the camera DID and password fields to trigger an application crash on iOS devices.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.04.6MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Type: Secondary
Version: 4.0
Base score: 4.6
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-120Primarydisclosure@vulncheck.com
CWE ID: CWE-120
Type: Primary
Source: disclosure@vulncheck.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.smarteyegroup.com/disclosure@vulncheck.com
N/A
https://apps.apple.com/mx/app/ismartviewpro/id834791071disclosure@vulncheck.com
N/A
https://www.exploit-db.com/exploits/47662disclosure@vulncheck.com
N/A
https://www.vulncheck.com/advisories/ismartviewpro-denial-of-servicedisclosure@vulncheck.com
N/A
Hyperlink: http://www.smarteyegroup.com/
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://apps.apple.com/mx/app/ismartviewpro/id834791071
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.exploit-db.com/exploits/47662
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.vulncheck.com/advisories/ismartviewpro-denial-of-service
Source: disclosure@vulncheck.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

54Records found
CVE-2019-25349
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.04% / 12.79%
||
7 Day CHG~0.00%
Published-18 Feb, 2026 | 21:54
Updated-19 Feb, 2026 | 15:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
scadaApp for iOS 1.1.4.0 - 'Servername' Denial of Service

ScadaApp for iOS 1.1.4.0 contains a denial of service vulnerability that allows attackers to crash the application by inputting an oversized buffer in the Servername field. Attackers can paste a 257-character buffer during login to trigger an application crash on iOS devices.

Action-Not Available
Vendor-scadaapp
Product-scadaApp for iOS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-25353
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.04% / 12.79%
||
7 Day CHG~0.00%
Published-18 Feb, 2026 | 21:54
Updated-19 Feb, 2026 | 15:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service

Foscam Video Management System 1.1.4.9 contains a denial of service vulnerability in the username input field that allows attackers to crash the application. Attackers can overwrite the username with a 520-byte buffer of repeated 'A' characters to trigger an application crash during device login.

Action-Not Available
Vendor-Diy Security SL
Product-Foscam Video Management System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-25326
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.02% / 4.49%
||
7 Day CHG~0.00%
Published-18 Feb, 2026 | 21:54
Updated-24 Feb, 2026 | 20:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ipPulse 1.92 - 'Enter Key' Denial of Service

ipPulse 1.92 contains a denial of service vulnerability that allows local attackers to crash the application by providing an oversized input in the Enter Key field. Attackers can generate a 256-byte buffer of repeated 'A' characters to trigger an application crash when pasting the malicious content.

Action-Not Available
Vendor-nwpswNorthwest Performance Software, Inc.
Product-ippulseipPulse
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-28925
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.5||HIGH
EPSS-0.03% / 9.21%
||
7 Day CHG~0.00%
Published-11 May, 2026 | 20:08
Updated-12 May, 2026 | 17:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to cause unexpected system termination or write kernel memory.

Action-Not Available
Vendor-Apple Inc.
Product-macosmacOS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-58107
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.09% / 24.96%
||
7 Day CHG-0.10%
Published-07 Apr, 2025 | 03:33
Updated-07 May, 2025 | 20:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
CVE-2023-52550
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.08% / 23.68%
||
7 Day CHG~0.00%
Published-08 Apr, 2024 | 08:56
Updated-13 Mar, 2025 | 15:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUIharmonyosemui
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-52549
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.08% / 23.68%
||
7 Day CHG~0.00%
Published-08 Apr, 2024 | 08:55
Updated-13 Mar, 2025 | 15:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUIharmonyosemui
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-43615
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.31% / 54.19%
||
7 Day CHG~0.00%
Published-07 Oct, 2023 | 00:00
Updated-19 Sep, 2024 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.

Action-Not Available
Vendor-n/ambedFedora ProjectArm Limited
Product-mbed_tlsfedoran/ambedtls
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-20336
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.42% / 61.97%
||
7 Day CHG~0.00%
Published-17 Sep, 2019 | 15:51
Updated-05 Aug, 2024 | 11:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. There is a stack-based buffer overflow issue in parse_req_queries function in wanduck.c via a long string over UDP, which may lead to an information leak.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-asuswrt-merlinrt-ac68un/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-44283
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.41% / 61.68%
||
7 Day CHG+0.31%
Published-09 May, 2023 | 00:00
Updated-29 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow in the component /Enclave.cpp of Electronics and Telecommunications Research Institute ShieldStore commit 58d455617f99705f0ffd8a27616abdf77bdc1bdc allows attackers to cause an information leak via a crafted structure from an untrusted operating system.

Action-Not Available
Vendor-shieldstore_projectn/a
Product-shieldstoren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-33185
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.30% / 53.61%
||
7 Day CHG~0.00%
Published-18 Jun, 2021 | 21:49
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SerenityOS contains a buffer overflow in the set_range test in TestBitmap which could allow attackers to obtain sensitive information.

Action-Not Available
Vendor-serenityosn/a
Product-serenityosn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37202
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.01% / 2.51%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-12 Feb, 2026 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NetworkSleuth 3.0.0.0 - 'Key' Denial of Service

NetworkSleuth 3.0.0.0 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character buffer payload and paste it into the registration key field to trigger an application crash.

Action-Not Available
Vendor-Nsasoft
Product-Nsauditor NetworkSleuth
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-31663
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.45% / 63.63%
||
7 Day CHG~0.00%
Published-18 Jun, 2021 | 21:49
Updated-03 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RIOT-OS 2021.01 before commit bc59d60be60dfc0a05def57d74985371e4f22d79 contains a buffer overflow which could allow attackers to obtain sensitive information.

Action-Not Available
Vendor-riot-osn/a
Product-riotn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37211
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.04% / 14.09%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-26 Feb, 2026 | 23:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SpotIM 2.2 - 'Name' Denial Of Service

SpotIM 2.2 contains a denial of service vulnerability that allows attackers to crash the application by inputting a large buffer in the registration name field. Attackers can generate a 1000-character payload and paste it into the 'Name' field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNsasoft
Product-spotimNsauditor SpotIM
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-31661
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.34% / 56.41%
||
7 Day CHG~0.00%
Published-18 Jun, 2021 | 21:49
Updated-03 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RIOT-OS 2021.01 before commit 609c9ada34da5546cffb632a98b7ba157c112658 contains a buffer overflow that could allow attackers to obtain sensitive information.

Action-Not Available
Vendor-riot-osn/a
Product-riotn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-31664
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.34% / 56.41%
||
7 Day CHG~0.00%
Published-18 Jun, 2021 | 21:49
Updated-03 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RIOT-OS 2021.01 before commit 44741ff99f7a71df45420635b238b9c22093647a contains a buffer overflow which could allow attackers to obtain sensitive information.

Action-Not Available
Vendor-riot-osn/a
Product-riotn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-31660
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.34% / 56.41%
||
7 Day CHG~0.00%
Published-18 Jun, 2021 | 21:50
Updated-03 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RIOT-OS 2021.01 before commit 85da504d2dc30188b89f44c3276fc5a25b31251f contains a buffer overflow which could allow attackers to obtain sensitive information.

Action-Not Available
Vendor-riot-osn/a
Product-riotn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-46035
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.32% / 55.34%
||
7 Day CHG~0.00%
Published-12 Jun, 2025 | 00:00
Updated-16 Jun, 2025 | 12:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an unauthenticated HTTP GET request to the /goform/openSchedWifi endpoint

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-34727
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.5||HIGH
EPSS-0.41% / 61.79%
||
7 Day CHG~0.00%
Published-15 Aug, 2024 | 21:56
Updated-19 Mar, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In sdpu_compare_uuid_with_attr of sdp_utils.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-27343
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.45% / 63.63%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 12:07
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SerenityOS Unspecified is affected by: Buffer Overflow. The impact is: obtain sensitive information (context-dependent). The component is: /Userland/Libraries/LibCrypto/ASN1/DER.h Crypto::der_decode_sequence() function. The attack vector is: Parsing RSA Key ASN.1.

Action-Not Available
Vendor-serenityosn/a
Product-serenityosn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37185
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.04% / 12.79%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-12 Feb, 2026 | 18:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Backup Key Recovery 2.2.5 - 'Name' Denial of Service

Backup Key Recovery 2.2.5 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character payload and paste it into the registration name field to trigger an application crash.

Action-Not Available
Vendor-Nsasoft
Product-Nsauditor Backup Key Recovery
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37193
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.01% / 1.64%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-05 Mar, 2026 | 01:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZIP Password Recovery 2.30 - 'ZIP File' Denial of Service

ZIP Password Recovery 2.30 contains a denial of service vulnerability that allows attackers to crash the application by providing maliciously crafted input. Attackers can create a specially prepared text file with specific characters to trigger an application crash when selecting a ZIP file.

Action-Not Available
Vendor-Top Password Software
Product-ZIP Password Recovery
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-31662
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.34% / 56.41%
||
7 Day CHG~0.00%
Published-18 Jun, 2021 | 21:49
Updated-03 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RIOT-OS 2021.01 before commit 07f1254d8537497552e7dce80364aaead9266bbe contains a buffer overflow which could allow attackers to obtain sensitive information.

Action-Not Available
Vendor-riot-osn/a
Product-riotn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37206
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.01% / 2.73%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-26 Feb, 2026 | 23:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ShareAlarmPro Advanced Network Access Control - 'Key' Denial of Service

ShareAlarmPro contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character buffer payload to trigger an application crash when pasted into the registration key field.

Action-Not Available
Vendor-nsasoftNsasoft
Product-sharealarmproNsauditor ShareAlarmPro Advanced Network Access Control
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37179
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.04% / 12.79%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-13 Feb, 2026 | 17:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
APKF Product Key Finder 2.5.8.0 - 'Name' Denial of Service

APKF Product Key Finder 2.5.8.0 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character payload and paste it into the registration name field to trigger an application crash.

Action-Not Available
Vendor-Nsasoft
Product-Nsauditor APKF Product Key Finder
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37189
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.01% / 2.40%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-12 Feb, 2026 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TaskCanvas 1.4.0 - 'Registration' Denial Of Service

TaskCanvas 1.4.0 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the registration field to trigger an application crash.

Action-Not Available
Vendor-DigitalVolcano Software
Product-TaskCanvas
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37188
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.01% / 2.51%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-12 Feb, 2026 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SpotOutlook 1.2.6 - 'Name' Denial of Service

SpotOutlook 1.2.6 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can overwrite the buffer by pasting 1000 'A' characters into the 'Name' field, causing the application to become unresponsive.

Action-Not Available
Vendor-Nsasoft
Product-Nsauditor SpotOutlook
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37180
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.03% / 9.70%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-12 Feb, 2026 | 18:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GTalk Password Finder 2.2.1 - 'Key' Denial of Service

GTalk Password Finder 2.2.1 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character payload and paste it into the 'Key' field to trigger an application crash.

Action-Not Available
Vendor-Nsasoft
Product-Nsauditor GTalk Password Finder
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-36995
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.03% / 9.70%
||
7 Day CHG~0.00%
Published-29 Jan, 2026 | 14:28
Updated-12 May, 2026 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mocha Telnet Lite for iOS 4.2 - 'User' Denial of Service

Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the user configuration input. Attackers can overwrite the 'User' field with 350 bytes of repeated characters to trigger an application crash and prevent normal functionality.

Action-Not Available
Vendor-telnet-lite
Product-Mocha Telnet Lite for iOS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37199
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.01% / 2.73%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-05 Mar, 2026 | 01:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NBMonitor 1.6.6.0 - 'Key' Denial of Service

NBMonitor 1.6.6.0 contains a denial of service vulnerability in its registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNsasoft
Product-nbmonitorNsauditor NBMonitor
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37197
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.01% / 2.73%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-26 Feb, 2026 | 23:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Dnss Domain Name Search Software - 'Name' Denial of Service

Dnss Domain Name Search Software contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character buffer payload and paste it into the registration name field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNsasoft
Product-domain_name_search_softwareNsauditor Dnss Domain Name Search Software
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37205
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.02% / 4.32%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-20 Feb, 2026 | 20:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
RemShutdown 2.9.0.0 - 'Name' Denial of Service

RemShutdown 2.9.0.0 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' registration field. Attackers can generate a 1000-character buffer payload and paste it into the registration name field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNsasoft
Product-remshutdownNsauditor RemShutdown
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37194
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.04% / 12.79%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-12 Feb, 2026 | 16:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Backup Key Recovery Recover Keys Crashed Hard Disk Drive 2.2.5 - 'Key' Denial of Service

Backup Key Recovery 2.2.5 contains a denial of service vulnerability that allows attackers to crash the application by supplying an overly long registration key. Attackers can generate a 1000-character payload file and paste it into the registration key field to trigger an application crash.

Action-Not Available
Vendor-Nsasoft
Product-Nsauditor Backup Key Recovery Recover Keys Crashed Hard Disk Drive
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37196
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.01% / 2.73%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-27 Feb, 2026 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Dnss Domain Name Search Software - 'Key' Denial of Service

Dnss Domain Name Search Software contains a denial of service vulnerability that allows attackers to crash the application by providing an oversized registration key. Attackers can generate a 1000-character buffer payload and paste it into the registration key field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNsasoft
Product-domain_name_search_softwareNsauditor Dnss Domain Name Search Software
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37212
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.04% / 14.09%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-26 Feb, 2026 | 23:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SpotMSN 2.4.6 - 'Name' Denial of Service

SpotMSN 2.4.6 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character payload and paste it into the 'Name' field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNsasoft
Product-spotmsnNsauditor SpotMSN
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37204
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.02% / 4.32%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-20 Feb, 2026 | 20:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
RemShutdown 2.9.0.0 - 'Key' Denial of Service

RemShutdown 2.9.0.0 contains a denial of service vulnerability in its registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the registration key field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNSAuditor
Product-remshutdownNsauditor RemShutdown
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37175
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.04% / 12.79%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:36
Updated-17 Feb, 2026 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
P2PWIFICAM2 for iOS 10.4.1 - 'Camera ID' Denial of Service

P2PWIFICAM2 for iOS 10.4.1 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the Camera ID input field. Attackers can paste a 257-character buffer into the Camera ID field to trigger an application crash on iOS devices.

Action-Not Available
Vendor-Ka Ming Cheung
Product-P2PWIFICAM2 for iOS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37201
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.02% / 4.48%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-17 Feb, 2026 | 20:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NetShareWatcher 1.5.8.0 - 'Name' Denial Of Service

NetShareWatcher 1.5.8.0 contains a buffer overflow vulnerability in the registration name input that allows attackers to crash the application. Attackers can generate a 1000-character payload and paste it into the 'Name' field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNsasoft
Product-netsharewatcherNsauditor NetShareWatcher
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37187
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.01% / 2.51%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-12 Feb, 2026 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SpotDialup 1.6.7 - 'Name' Denial of Service

SpotDialup 1.6.7 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash.

Action-Not Available
Vendor-Nsasoft
Product-Nsauditor SpotDialup
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-36994
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.02% / 4.60%
||
7 Day CHG~0.00%
Published-29 Jan, 2026 | 14:28
Updated-12 May, 2026 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
QlikView 12.50.20000.0 - 'FTP Server Address' Denial of Service

QlikView 12.50.20000.0 contains a denial of service vulnerability in the FTP server address input field that allows local attackers to crash the application. Attackers can paste a 300-character buffer into the FTP server address field to trigger an application crash and prevent normal functionality.

Action-Not Available
Vendor-QlikTech International AB
Product-QlikView
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37210
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.04% / 14.09%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-26 Feb, 2026 | 23:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SpotIE 2.9.5 - 'Key' Denial of Service

SpotIE 2.9.5 contains a denial of service vulnerability in the registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNsasoft
Product-spotieNsauditor SpotIE
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-28361
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.63% / 70.47%
||
7 Day CHG~0.00%
Published-26 Mar, 2025 | 00:00
Updated-01 Apr, 2025 | 15:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unauthorized stack overflow vulnerability in Telesquare TLR-2005KSH v.1.1.4 allows a remote attacker to obtain sensitive information via the systemutil.cgi component.

Action-Not Available
Vendor-telesquaren/a
Product-tlr-2005ksh_firmwaretlr-2005kshn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37209
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.04% / 13.91%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-20 Feb, 2026 | 20:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SpotFTP FTP Password Recovery 3.0.0.0 - 'Name' Denial of Service

SpotFTP 3.0.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNsasoft
Product-spotftpNsauditor SpotFTP FTP Password Recovery
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37195
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.04% / 12.79%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-05 Mar, 2026 | 01:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BlueAuditor 1.7.2.0 - 'Name' Denial of Service

BlueAuditor 1.7.2.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash.

Action-Not Available
Vendor-Nsasoft
Product-BlueAuditor
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37215
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.03% / 9.70%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-05 Mar, 2026 | 01:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
MSN Password Recovery 1.30 - Denial of Service

MSN Password Recovery version 1.30 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized input in the registration code field. Attackers can generate a 9000-byte buffer of repeated characters and paste it into the 'User Name and Registration Code' field to trigger an application crash.

Action-Not Available
Vendor-Top Password Software
Product-MSN Password Recovery
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37207
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.01% / 2.73%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-26 Feb, 2026 | 23:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SpotDialup 1.6.7 - 'Key' Denial of Service

SpotDialup 1.6.7 contains a denial of service vulnerability in the registration key input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNsasoft
Product-spotdialupNsauditor SpotDialup
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37191
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.03% / 9.70%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-12 Feb, 2026 | 15:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Top Password Software Dialup Password Recovery 1.30 - Denial of Service

Top Password Software Dialup Password Recovery 1.30 contains a denial of service vulnerability that allows attackers to crash the application by overflowing input fields. Attackers can trigger the vulnerability by inserting a large 5000-character payload into the User Name and Registration Code input fields.

Action-Not Available
Vendor-Top Password Software
Product-Top Password Software Dialup Password Recovery
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37190
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.03% / 9.70%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-12 Feb, 2026 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Top Password Firefox Password Recovery 2.8 - Denial of Service

Top Password Firefox Password Recovery 2.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing input fields. Attackers can trigger the vulnerability by inserting 5000 characters into the User Name or Registration Code input fields.

Action-Not Available
Vendor-Top Password Software
Product-Top Password Firefox Password Recovery
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37203
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.01% / 2.51%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-12 Feb, 2026 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Office Product Key Finder 1.5.4 - Denial of Service

Office Product Key Finder 1.5.4 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the registration code input. Attackers can create a specially crafted text file and paste it into the 'Name and Key' field to trigger an application crash.

Action-Not Available
Vendor-Nsasoft
Product-Nsauditor Office Product Key Finder
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-23077
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.25% / 48.66%
||
7 Day CHG~0.00%
Published-10 Apr, 2024 | 00:00
Updated-27 May, 2025 | 14:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

JFreeChart v1.5.4 was discovered to be vulnerable to ArrayIndexOutOfBounds via the component /chart/plot/CompassPlot.java. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.

Action-Not Available
Vendor-jfreen/ajfree
Product-jfreechartn/ajfreechart
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • Next
Details not found