6.7
CVE-2020-37133 - UltraVNC Launcher 1.2.4.0 - 'RepeaterHost' Denial of Service
UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in the Repeater Host configuration field that allows attackers to crash the application. Attackers can paste an overly long string of 300 characters into the Repeater Host property to trigger an application crash.
6.7
CVE-2020-37132 - UltraVNC Launcher 1.2.4.0 - 'Password' Denial of Service
UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in its password configuration properties that allows local attackers to crash the application. Attackers can paste an overly long 300-character string into the password field to trigger an application crash and prevent normal launβ¦
6.7
CVE-2020-37131 - Product Key Explorer 4.2.2.0 - 'Key' Denial of Service
Nsauditor Product Key Explorer 4.2.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting a specially crafted registration key. Attackers can generate a payload of 1000 bytes of repeated characters and paste it into the 'Key' input field to β¦
6.7
CVE-2020-37130 - Nsauditor 3.2.0.0 - 'Name' Denial of Service
Nsauditor 3.2.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can create a malicious payload of 1000 bytes of repeated characters to trigger an application crash when pasted into the registration name fielβ¦
8.5
CVE-2020-37129 - Memu Play 7.1.3 - Insecure Folder Permissions
Memu Play 7.1.3 contains an insecure folder permissions vulnerability that allows low-privileged users to modify the MemuService.exe executable. Attackers can replace the service executable with a malicious file during system restart to gain SYSTEM-level privileges by exploiting unrestricted file mβ¦
6.7
CVE-2020-37128 - ZOC Terminal 7.25.5 - 'Script' Denial of Service
ZOC Terminal 7.25.5 contains a script processing vulnerability that allows local attackers to crash the application by loading a maliciously crafted REXX script file. Attackers can generate an oversized script with 20,000 repeated characters to trigger an application crash and cause a denial of serβ¦
8.4
CVE-2020-37126 - Free Desktop Clock x86 Venetian Blinds Zipper 3.0 - Unicode Stack Overflow (SEH)
Free Desktop Clock 3.0 contains a stack overflow vulnerability in the Time Zones display name input that allows attackers to overwrite Structured Exception Handler (SEH) registers. Attackers can exploit the vulnerability by crafting a malicious Unicode input that triggers an access violation and poβ¦
6.9
CVE-2020-37127 - dnsmasq-utils 2.79-1 - 'dhcp_release' Denial of Service
Dnsmasq-utils 2.79-1 contains a buffer overflow vulnerability in the dhcp_release utility that allows attackers to cause a denial of service by supplying excessive input. Attackers can trigger a core dump and terminate the dhcp_release process by sending a crafted input string longer than 16 characβ¦
9.3
CVE-2020-37125 - Edimax Technology EW-7438RPn-v3 Mini 1.27 - Remote Code Execution
Edimax EW-7438RPn-v3 Mini 1.27 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands through the /goform/mp endpoint. Attackers can exploit the vulnerability by sending crafted POST requests with command injection payloads to download andβ¦
8.4
CVE-2020-37124 - B64dec 1.1.2 - Buffer Overflow (SEH Overflow + Egg Hunter)
B64dec 1.1.2 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) with crafted input. Attackers can leverage an egg hunter technique and carefully constructed payload to inject and execute malicious code during baβ¦