Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-37200

Summary
Assigner-VulnCheck
Assigner Org ID-83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At-11 Feb, 2026 | 20:37
Updated At-12 Feb, 2026 | 14:33
Rejected At-
Credits

NetShareWatcher 1.5.8.0 - 'Key' Denial of Service

NetShareWatcher 1.5.8.0 contains a buffer overflow vulnerability in the registration key input that allows attackers to crash the application by supplying oversized input. Attackers can generate a 1000-character payload and paste it into the registration key field to trigger an application crash.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:VulnCheck
Assigner Org ID:83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At:11 Feb, 2026 | 20:37
Updated At:12 Feb, 2026 | 14:33
Rejected At:
â–¼CVE Numbering Authority (CNA)
NetShareWatcher 1.5.8.0 - 'Key' Denial of Service

NetShareWatcher 1.5.8.0 contains a buffer overflow vulnerability in the registration key input that allows attackers to crash the application by supplying oversized input. Attackers can generate a 1000-character payload and paste it into the registration key field to trigger an application crash.

Affected Products
Vendor
Nsasoft
Product
Nsauditor NetShareWatcher
Versions
Affected
  • 1.5.8.0
Problem Types
TypeCWE IDDescription
CWECWE-121Stack-based Buffer Overflow
Type: CWE
CWE ID: CWE-121
Description: Stack-based Buffer Overflow
Metrics
VersionBase scoreBase severityVector
4.04.6MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 4.0
Base score: 4.6
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

finder
Ismail Tasdelen
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.exploit-db.com/exploits/47860
exploit
http://www.nsauditor.com/
product
https://www.vulncheck.com/advisories/netsharewatcher-key-denial-of-service
third-party-advisory
Hyperlink: https://www.exploit-db.com/exploits/47860
Resource:
exploit
Hyperlink: http://www.nsauditor.com/
Resource:
product
Hyperlink: https://www.vulncheck.com/advisories/netsharewatcher-key-denial-of-service
Resource:
third-party-advisory
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:disclosure@vulncheck.com
Published At:11 Feb, 2026 | 21:16
Updated At:17 Feb, 2026 | 20:37

NetShareWatcher 1.5.8.0 contains a buffer overflow vulnerability in the registration key input that allows attackers to crash the application by supplying oversized input. Attackers can generate a 1000-character payload and paste it into the registration key field to trigger an application crash.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.04.6MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 4.0
Base score: 4.6
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches

nsasoft
nsasoft
>>netsharewatcher>>1.5.8.0
cpe:2.3:a:nsasoft:netsharewatcher:1.5.8.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-121Primarydisclosure@vulncheck.com
CWE ID: CWE-121
Type: Primary
Source: disclosure@vulncheck.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://www.nsauditor.com/disclosure@vulncheck.com
Product
https://www.exploit-db.com/exploits/47860disclosure@vulncheck.com
Exploit
https://www.vulncheck.com/advisories/netsharewatcher-key-denial-of-servicedisclosure@vulncheck.com
Third Party Advisory
Hyperlink: http://www.nsauditor.com/
Source: disclosure@vulncheck.com
Resource:
Product
Hyperlink: https://www.exploit-db.com/exploits/47860
Source: disclosure@vulncheck.com
Resource:
Exploit
Hyperlink: https://www.vulncheck.com/advisories/netsharewatcher-key-denial-of-service
Source: disclosure@vulncheck.com
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

341Records found

CVE-2019-25434
Matching Score-10
Assigner-VulnCheck
ShareView Details
Matching Score-10
Assigner-VulnCheck
CVSS Score-6.7||MEDIUM
EPSS-0.30% / 22.06%
||
7 Day CHG-0.07%
Published-20 Feb, 2026 | 22:54
Updated-07 Apr, 2026 | 14:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SpotAuditor 5.3.1.0 Denial of Service via Registration Name Field

SpotAuditor 5.3.1.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting excessive data in the registration name field. Attackers can enter a large string of characters (5000 bytes or more) in the name field during registration to trigger an unhandled exception that crashes the application.

Action-Not Available
Vendor-nsasoftNsasoft
Product-spotauditorNsauditor SpotAuditor
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2019-25340
Matching Score-10
Assigner-VulnCheck
ShareView Details
Matching Score-10
Assigner-VulnCheck
CVSS Score-6.7||MEDIUM
EPSS-0.42% / 34.00%
||
7 Day CHG~0.00%
Published-12 Feb, 2026 | 22:48
Updated-05 Mar, 2026 | 01:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SpotAuditor 5.3.2 - 'Base64' Denial Of Service

SpotAuditor 5.3.2 contains a denial of service vulnerability in its Base64 decryption feature that allows attackers to crash the application by supplying an oversized buffer. Attackers can generate a malformed input file with 2000 repeated characters to trigger an application crash when pasted into the Base64 Encrypted Password field.

Action-Not Available
Vendor-nsasoftNsasoft
Product-spotauditorNsauditor SpotAuditor
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2021-47814
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-6.7||MEDIUM
EPSS-0.36% / 28.25%
||
7 Day CHG-0.07%
Published-15 Jan, 2026 | 23:25
Updated-05 Mar, 2026 | 01:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NBMonitor 1.6.8 - Denial of Service (PoC)

NBMonitor 1.6.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the registration code input field. Attackers can paste a 256-character buffer into the registration key field to trigger an application crash and potential system instability.

Action-Not Available
Vendor-nsasoftNsauditor
Product-nbmonitorNBMonitor
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-47815
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-6.7||MEDIUM
EPSS-0.43% / 34.54%
||
7 Day CHG~0.00%
Published-15 Jan, 2026 | 23:25
Updated-01 May, 2026 | 21:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Nsauditor 3.2.3 - Denial of Service (PoC)

Nsauditor 3.2.3 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application. Attackers can paste a large buffer of 256 repeated characters into the 'Key' field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNsauditor
Product-nsauditorNsauditor
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-47895
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-6.7||MEDIUM
EPSS-0.31% / 22.55%
||
7 Day CHG~0.00%
Published-23 Jan, 2026 | 16:47
Updated-11 Feb, 2026 | 19:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Nsauditor 3.2.2.0 - 'Event Description' Denial of Service

Nsauditor 3.2.2.0 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the Event Description field with a large buffer. Attackers can generate a 10,000-character 'U' buffer and paste it into the Event Description field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNsauditor
Product-nsauditorNsauditor
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2021-27722
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.69% / 48.42%
||
7 Day CHG-0.64%
Published-02 Nov, 2021 | 10:44
Updated-03 Aug, 2024 | 21:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Nsasoft US LLC SpotAuditor 5.3.5. The program can be crashed by entering 300 bytes char data into the "Key" or "Name" field while registering.

Action-Not Available
Vendor-nsasoftn/a
Product-spotauditorn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37130
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-6.7||MEDIUM
EPSS-0.46% / 36.39%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 16:13
Updated-01 May, 2026 | 21:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Nsauditor 3.2.0.0 - 'Name' Denial of Service

Nsauditor 3.2.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can create a malicious payload of 1000 bytes of repeated characters to trigger an application crash when pasted into the registration name field.

Action-Not Available
Vendor-nsasoftNsauditor
Product-nsauditorNsauditor
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37179
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.30% / 22.14%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-13 Feb, 2026 | 17:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
APKF Product Key Finder 2.5.8.0 - 'Name' Denial of Service

APKF Product Key Finder 2.5.8.0 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character payload and paste it into the registration name field to trigger an application crash.

Action-Not Available
Vendor-Nsasoft
Product-Nsauditor APKF Product Key Finder
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37180
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.28% / 20.05%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-12 Feb, 2026 | 18:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GTalk Password Finder 2.2.1 - 'Key' Denial of Service

GTalk Password Finder 2.2.1 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character payload and paste it into the 'Key' field to trigger an application crash.

Action-Not Available
Vendor-Nsasoft
Product-Nsauditor GTalk Password Finder
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37185
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.30% / 22.14%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-12 Feb, 2026 | 18:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Backup Key Recovery 2.2.5 - 'Name' Denial of Service

Backup Key Recovery 2.2.5 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character payload and paste it into the registration name field to trigger an application crash.

Action-Not Available
Vendor-Nsasoft
Product-Nsauditor Backup Key Recovery
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37187
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.39% / 31.41%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-12 Feb, 2026 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SpotDialup 1.6.7 - 'Name' Denial of Service

SpotDialup 1.6.7 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash.

Action-Not Available
Vendor-Nsasoft
Product-Nsauditor SpotDialup
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37188
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.39% / 31.41%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-12 Feb, 2026 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SpotOutlook 1.2.6 - 'Name' Denial of Service

SpotOutlook 1.2.6 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can overwrite the buffer by pasting 1000 'A' characters into the 'Name' field, causing the application to become unresponsive.

Action-Not Available
Vendor-Nsasoft
Product-Nsauditor SpotOutlook
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37194
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.32% / 23.55%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-12 Feb, 2026 | 16:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Backup Key Recovery Recover Keys Crashed Hard Disk Drive 2.2.5 - 'Key' Denial of Service

Backup Key Recovery 2.2.5 contains a denial of service vulnerability that allows attackers to crash the application by supplying an overly long registration key. Attackers can generate a 1000-character payload file and paste it into the registration key field to trigger an application crash.

Action-Not Available
Vendor-Nsasoft
Product-Nsauditor Backup Key Recovery Recover Keys Crashed Hard Disk Drive
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37195
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.30% / 22.14%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-05 Mar, 2026 | 01:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BlueAuditor 1.7.2.0 - 'Name' Denial of Service

BlueAuditor 1.7.2.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash.

Action-Not Available
Vendor-Nsasoft
Product-BlueAuditor
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37196
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.44% / 35.38%
||
7 Day CHG-0.08%
Published-11 Feb, 2026 | 20:37
Updated-27 Feb, 2026 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Dnss Domain Name Search Software - 'Key' Denial of Service

Dnss Domain Name Search Software contains a denial of service vulnerability that allows attackers to crash the application by providing an oversized registration key. Attackers can generate a 1000-character buffer payload and paste it into the registration key field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNsasoft
Product-domain_name_search_softwareNsauditor Dnss Domain Name Search Software
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37197
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.44% / 35.38%
||
7 Day CHG-0.08%
Published-11 Feb, 2026 | 20:37
Updated-26 Feb, 2026 | 23:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Dnss Domain Name Search Software - 'Name' Denial of Service

Dnss Domain Name Search Software contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character buffer payload and paste it into the registration name field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNsasoft
Product-domain_name_search_softwareNsauditor Dnss Domain Name Search Software
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37199
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.44% / 35.38%
||
7 Day CHG-0.08%
Published-11 Feb, 2026 | 20:37
Updated-05 Mar, 2026 | 01:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NBMonitor 1.6.6.0 - 'Key' Denial of Service

NBMonitor 1.6.6.0 contains a denial of service vulnerability in its registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNsasoft
Product-nbmonitorNsauditor NBMonitor
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37201
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.34% / 26.46%
||
7 Day CHG-0.06%
Published-11 Feb, 2026 | 20:37
Updated-17 Feb, 2026 | 20:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NetShareWatcher 1.5.8.0 - 'Name' Denial Of Service

NetShareWatcher 1.5.8.0 contains a buffer overflow vulnerability in the registration name input that allows attackers to crash the application. Attackers can generate a 1000-character payload and paste it into the 'Name' field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNsasoft
Product-netsharewatcherNsauditor NetShareWatcher
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37202
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.33% / 25.29%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-12 Feb, 2026 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NetworkSleuth 3.0.0.0 - 'Key' Denial of Service

NetworkSleuth 3.0.0.0 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character buffer payload and paste it into the registration key field to trigger an application crash.

Action-Not Available
Vendor-Nsasoft
Product-Nsauditor NetworkSleuth
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37203
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.33% / 25.28%
||
7 Day CHG~0.00%
Published-11 Feb, 2026 | 20:37
Updated-12 Feb, 2026 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Office Product Key Finder 1.5.4 - Denial of Service

Office Product Key Finder 1.5.4 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the registration code input. Attackers can create a specially crafted text file and paste it into the 'Name and Key' field to trigger an application crash.

Action-Not Available
Vendor-Nsasoft
Product-Nsauditor Office Product Key Finder
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37204
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.38% / 30.30%
||
7 Day CHG-0.07%
Published-11 Feb, 2026 | 20:37
Updated-20 Feb, 2026 | 20:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
RemShutdown 2.9.0.0 - 'Key' Denial of Service

RemShutdown 2.9.0.0 contains a denial of service vulnerability in its registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the registration key field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNSAuditor
Product-remshutdownNsauditor RemShutdown
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37205
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.38% / 30.30%
||
7 Day CHG-0.07%
Published-11 Feb, 2026 | 20:37
Updated-20 Feb, 2026 | 20:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
RemShutdown 2.9.0.0 - 'Name' Denial of Service

RemShutdown 2.9.0.0 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' registration field. Attackers can generate a 1000-character buffer payload and paste it into the registration name field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNsasoft
Product-remshutdownNsauditor RemShutdown
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37206
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.37% / 28.81%
||
7 Day CHG-0.08%
Published-11 Feb, 2026 | 20:37
Updated-26 Feb, 2026 | 23:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ShareAlarmPro Advanced Network Access Control - 'Key' Denial of Service

ShareAlarmPro contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character buffer payload to trigger an application crash when pasted into the registration key field.

Action-Not Available
Vendor-nsasoftNsasoft
Product-sharealarmproNsauditor ShareAlarmPro Advanced Network Access Control
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37209
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.31% / 22.84%
||
7 Day CHG-0.03%
Published-11 Feb, 2026 | 20:37
Updated-20 Feb, 2026 | 20:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SpotFTP FTP Password Recovery 3.0.0.0 - 'Name' Denial of Service

SpotFTP 3.0.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNsasoft
Product-spotftpNsauditor SpotFTP FTP Password Recovery
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37210
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.28% / 19.80%
||
7 Day CHG-0.05%
Published-11 Feb, 2026 | 20:37
Updated-26 Feb, 2026 | 23:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SpotIE 2.9.5 - 'Key' Denial of Service

SpotIE 2.9.5 contains a denial of service vulnerability in the registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNsasoft
Product-spotieNsauditor SpotIE
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37211
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.28% / 19.81%
||
7 Day CHG-0.05%
Published-11 Feb, 2026 | 20:37
Updated-26 Feb, 2026 | 23:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SpotIM 2.2 - 'Name' Denial Of Service

SpotIM 2.2 contains a denial of service vulnerability that allows attackers to crash the application by inputting a large buffer in the registration name field. Attackers can generate a 1000-character payload and paste it into the 'Name' field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNsasoft
Product-spotimNsauditor SpotIM
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37212
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.28% / 19.81%
||
7 Day CHG-0.05%
Published-11 Feb, 2026 | 20:37
Updated-26 Feb, 2026 | 23:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SpotMSN 2.4.6 - 'Name' Denial of Service

SpotMSN 2.4.6 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character payload and paste it into the 'Name' field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNsasoft
Product-spotmsnNsauditor SpotMSN
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37207
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.37% / 28.82%
||
7 Day CHG-0.07%
Published-11 Feb, 2026 | 20:37
Updated-26 Feb, 2026 | 23:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SpotDialup 1.6.7 - 'Key' Denial of Service

SpotDialup 1.6.7 contains a denial of service vulnerability in the registration key input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash.

Action-Not Available
Vendor-nsasoftNsasoft
Product-spotdialupNsauditor SpotDialup
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-37208
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-4.6||MEDIUM
EPSS-0.41% / 32.93%
||
7 Day CHG-0.08%
Published-11 Feb, 2026 | 20:37
Updated-20 Feb, 2026 | 20:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SpotFTP FTP Password Recovery 3.0.0.0 - 'Key' Denial of Service

SpotFTP 3.0.0.0 contains a buffer overflow vulnerability in the registration key input field that allows attackers to crash the application. Attackers can generate a 1000-character payload and paste it into the 'Key' field to trigger an application crash and denial of service.

Action-Not Available
Vendor-nsasoftNsasoft
Product-spotftpNsauditor SpotFTP FTP Password Recovery
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-37119
Matching Score-6
Assigner-VulnCheck
ShareView Details
Matching Score-6
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.61% / 44.71%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 16:13
Updated-07 Apr, 2026 | 14:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Nsauditor 3.2.1.0 - Buffer Overflow (SEH+ASLR bypass (3 bytes overwrite))

Nsauditor 3.0.28 and 3.2.1.0 contains a buffer overflow vulnerability in the DNS Lookup tool that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious DNS query payload to trigger a three-byte overwrite, bypass ASLR, and execute shellcode through a carefully constructed exploit.

Action-Not Available
Vendor-nsasoftNsasoft
Product-nsauditorNsauditor
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-25334
Matching Score-6
Assigner-VulnCheck
ShareView Details
Matching Score-6
Assigner-VulnCheck
CVSS Score-6.7||MEDIUM
EPSS-0.19% / 8.87%
||
7 Day CHG~0.00%
Published-12 Feb, 2026 | 22:48
Updated-25 Mar, 2026 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Product Key Explorer 4.2.0.0 - 'Name' Denial of Service

Product Key Explorer 4.2.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by overflowing the registration name input field. Attackers can create a specially crafted text file with repeated characters to trigger a buffer overflow when pasted into the registration name field, causing the application to crash.

Action-Not Available
Vendor-nsasoftNsasoft
Product-product_key_explorerNsauditor Product Key Explorer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2019-25336
Matching Score-6
Assigner-VulnCheck
ShareView Details
Matching Score-6
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.21% / 11.43%
||
7 Day CHG~0.00%
Published-12 Feb, 2026 | 22:48
Updated-05 Mar, 2026 | 01:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SpotAuditor 5.3.2 - 'Base64' Local Buffer Overflow (SEH)

SpotAuditor 5.3.2 contains a local buffer overflow vulnerability in the Base64 Encrypted Password tool that allows attackers to execute arbitrary code by crafting a malicious payload. Attackers can generate a specially crafted Base64 encoded payload to trigger a Structured Exception Handler (SEH) overwrite and execute shellcode on the vulnerable system.

Action-Not Available
Vendor-nsasoftNsasoft
Product-spotauditorNsauditor SpotAuditor
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-25454
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.48% / 37.80%
||
7 Day CHG~0.00%
Published-17 Apr, 2025 | 00:00
Updated-22 Apr, 2025 | 16:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via wanSpeed2.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac10_firmwareac10n/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-69765
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.74% / 50.04%
||
7 Day CHG~0.00%
Published-03 Mar, 2026 | 00:00
Updated-04 Mar, 2026 | 14:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formGetIptv function and the list parameter, which can cause memory corruption and enable remote code execution.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ax3_firmwareax3n/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-25455
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.48% / 37.80%
||
7 Day CHG~0.00%
Published-17 Apr, 2025 | 00:00
Updated-22 Apr, 2025 | 16:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via wanMTU2.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac10_firmwareac10n/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-25457
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.57% / 42.83%
||
7 Day CHG~0.00%
Published-17 Apr, 2025 | 00:00
Updated-22 Apr, 2025 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via cloneType2.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac10_firmwareac10n/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-6868
Matching Score-4
Assigner-GitLab Inc.
ShareView Details
Matching Score-4
Assigner-GitLab Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.19% / 9.16%
||
7 Day CHG~0.00%
Published-30 Apr, 2026 | 05:04
Updated-01 May, 2026 | 19:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack-based Buffer Overflow in Wireshark

HTTP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

Action-Not Available
Vendor-Wireshark Foundation
Product-wiresharkWireshark
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-5654
Matching Score-4
Assigner-GitLab Inc.
ShareView Details
Matching Score-4
Assigner-GitLab Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.21% / 10.67%
||
7 Day CHG~0.00%
Published-30 Apr, 2026 | 05:39
Updated-01 May, 2026 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack-based Buffer Overflow in Wireshark

AMR-NB codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

Action-Not Available
Vendor-Wireshark Foundation
Product-wiresharkWireshark
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-20350
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.45% / 35.75%
||
7 Day CHG~0.00%
Published-15 Oct, 2025 | 16:15
Updated-04 Dec, 2025 | 21:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Denial of Service Vulnerability

A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to a buffer overflow when an affected device processes HTTP packets. An attacker could exploit this vulnerability by sending crafted HTTP input to the device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Note: To exploit this vulnerability, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ip_phone_8841desk_phone_9871video_phone_8875ip_phone_7841_firmwareip_phone_8821_firmwareip_phone_8841_firmwareip_phone_8851_firmwareip_phone_8865ip_phone_8821ip_phone_7821_firmwareip_phone_8832desk_phone_9841ip_phone_7861ip_phone_8845ip_phone_8861_firmwareip_phone_7821desk_phone_9851_firmwarevideo_phone_8875_firmwareip_phone_8861ip_phone_7841ip_phone_8851ip_phone_7811_firmwareip_phone_7861_firmwaredesk_phone_9841_firmwaredesk_phone_9851desk_phone_9861ip_phone_8811_firmwareip_phone_8865_firmwaredesk_phone_9861_firmwareip_phone_7811ip_phone_8845_firmwareip_phone_8811ip_phone_8832_firmwaredesk_phone_9871_firmwareCisco Session Initiation Protocol (SIP) Software
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2022-42060
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.05% / 60.05%
||
7 Day CHG~0.00%
Published-15 Nov, 2022 | 00:00
Updated-13 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a stack overflow via the setWanPpoe function. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-w15e_firmwarew15en/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-40151
Matching Score-4
Assigner-Google LLC
ShareView Details
Matching Score-4
Assigner-Google LLC
CVSS Score-6.5||MEDIUM
EPSS-1.02% / 59.22%
||
7 Day CHG+0.03%
Published-16 Sep, 2022 | 10:00
Updated-23 May, 2025 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack Buffer Overflow in xstream

Those using Xstream to seralize XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.

Action-Not Available
Vendor-xstreamxstream
Product-xstreamxstream
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-4967
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-4
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-7.5||HIGH
EPSS-Not Assigned
Published-03 Jul, 2026 | 05:52
Updated-03 Jul, 2026 | 07:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In IMS, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed.

Action-Not Available
Vendor-Unisoc (Shanghai) Technologies Co., Ltd.
Product-SC7731E/SC9832E/SC9863A/T310/T610/T618/T7200/T7225/T7250/T7255/T7280/T7300/T8100/T9100/T8200/T8300
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-25833
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.31% / 22.53%
||
7 Day CHG~0.00%
Published-01 Apr, 2026 | 00:00
Updated-05 Jun, 2026 | 19:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mbed TLS 3.5.0 to 3.6.5 fixed in 3.6.6 and 4.1.0 has a buffer overflow in the x509_inet_pton_ipv6() function

Action-Not Available
Vendor-trustedfirmwaren/aArm Limited
Product-mbed_tlsn/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-1163
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.8||MEDIUM
EPSS-0.42% / 34.04%
||
7 Day CHG~0.00%
Published-10 Feb, 2025 | 23:31
Updated-10 Apr, 2025 | 20:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
code-projects Vehicle Parking Management System Authentication login stack-based overflow

A vulnerability classified as critical was found in code-projects Vehicle Parking Management System 1.0. This vulnerability affects the function login of the component Authentication. The manipulation of the argument username leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Source Code & Projects
Product-vehicle_parking_management_systemVehicle Parking Management System
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-10615
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.5||HIGH
EPSS-2.57% / 83.24%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 18:28
Updated-04 Aug, 2024 | 11:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers cause a denial-of-service condition due to a lack of proper validation of the length of user-supplied data, prior to copying it to a fixed-length stack-based buffer. Authentication is not required to exploit this vulnerability.

Action-Not Available
Vendor-trianglemicroworksn/a
Product-scada_data_gatewayTriangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-25967
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.4||HIGH
EPSS-0.32% / 23.76%
||
7 Day CHG~0.00%
Published-24 Feb, 2026 | 01:29
Updated-23 Jun, 2026 | 15:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ImageMagick has stack buffer overflow in FTXT reader via oversized integer field

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a stack-based buffer overflow exists in the ImageMagick FTXT image reader. A crafted FTXT file can cause out-of-bounds writes on the stack, leading to a crash. Version 7.1.2-15 contains a patch.

Action-Not Available
Vendor-ImageMagick Studio LLC
Product-imagemagickImageMagick
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-3409
Matching Score-4
Assigner-The OpenBMC Project
ShareView Details
Matching Score-4
Assigner-The OpenBMC Project
CVSS Score-8.2||HIGH
EPSS-0.59% / 43.98%
||
7 Day CHG~0.00%
Published-27 Oct, 2022 | 13:09
Updated-05 May, 2025 | 17:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated out of bounds stack write in bmcweb

A vulnerability in bmcweb of OpenBMC Project allows user to cause denial of service. This vulnerability was identified during mitigation for CVE-2022-2809. When fuzzing the multipart_parser code using AFL++ with address sanitizer enabled to find smallest memory corruptions possible. It detected problem in how multipart_parser handles unclosed http headers. If long enough http header is passed in the multipart form without colon there is one byte overwrite on heap. It can be conducted multiple times in a loop to cause DoS.

Action-Not Available
Vendor-openbmc-projectOpenBMC Project
Product-openbmcOpenBMC
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-229
Improper Handling of Values
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-58116
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-4||MEDIUM
EPSS-0.19% / 9.03%
||
7 Day CHG+0.01%
Published-07 Apr, 2025 | 03:40
Updated-07 May, 2025 | 20:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-50659
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.52% / 40.11%
||
7 Day CHG~0.00%
Published-08 Apr, 2026 | 00:00
Updated-22 Apr, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the custom_error parameter in the /user.asp endpoint.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-di-8003di-8003_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-58115
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-4||MEDIUM
EPSS-0.19% / 9.03%
||
7 Day CHG+0.01%
Published-07 Apr, 2025 | 03:40
Updated-07 May, 2025 | 20:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 6
  • 7
  • Next
Details not found