4.6
CVE-2020-37139 - Odin Secure FTP Expert 7.6.3 - 'Site Info' Denial of Service
Odin Secure FTP Expert 7.6.3 contains a local denial of service vulnerability that allows attackers to crash the application by manipulating site information fields. Attackers can generate a buffer overflow by pasting 108 bytes of repeated characters into connection fields, causing the application β¦
8.4
CVE-2020-37138 - 10-Strike Network Inventory Explorer 9.03 - 'Read from File' Buffer Overflow (SEH)(ROP)
10-Strike Network Inventory Explorer 9.03 contains a buffer overflow vulnerability in the file import functionality that allows remote attackers to execute arbitrary code. Attackers can craft a malicious text file with carefully constructed payload to trigger a stack-based buffer overflow and bypasβ¦
8.6
CVE-2020-37137 - PHP-Fusion 9.03.50 - 'panels.php' Eval Injection
PHP-Fusion 9.03.50 contains a remote code execution vulnerability in the 'add_panel_form()' function that allows attackers to execute arbitrary code through an eval() function with unsanitized POST data. Attackers can exploit the vulnerability by sending crafted panel_content POST parameters to theβ¦
6.7
CVE-2020-37136 - ZOC Terminal v7.25.5 - 'Private key file' Denial of Service
ZOC Terminal 7.25.5 contains a denial of service vulnerability in the private key file input field that allows attackers to crash the application. Attackers can overwrite the private key file input with a 2000-byte buffer, causing the application to become unresponsive when attempting to create SSHβ¦
4.6
CVE-2020-37134 - UltraVNC Viewer 1.2.4.0 - 'VNCServer' Denial of Service
UltraVNC Viewer 1.2.4.0 contains a denial of service vulnerability that allows attackers to crash the application by manipulating VNC Server input. Attackers can generate a malformed 256-byte payload and paste it into the VNC Server connection dialog to trigger an application crash.
6.7
CVE-2020-37133 - UltraVNC Launcher 1.2.4.0 - 'RepeaterHost' Denial of Service
UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in the Repeater Host configuration field that allows attackers to crash the application. Attackers can paste an overly long string of 300 characters into the Repeater Host property to trigger an application crash.
6.7
CVE-2020-37132 - UltraVNC Launcher 1.2.4.0 - 'Password' Denial of Service
UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in its password configuration properties that allows local attackers to crash the application. Attackers can paste an overly long 300-character string into the password field to trigger an application crash and prevent normal launβ¦
6.7
CVE-2020-37131 - Product Key Explorer 4.2.2.0 - 'Key' Denial of Service
Nsauditor Product Key Explorer 4.2.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting a specially crafted registration key. Attackers can generate a payload of 1000 bytes of repeated characters and paste it into the 'Key' input field to β¦
6.7
CVE-2020-37130 - Nsauditor 3.2.0.0 - 'Name' Denial of Service
Nsauditor 3.2.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can create a malicious payload of 1000 bytes of repeated characters to trigger an application crash when pasted into the registration name fielβ¦
8.5
CVE-2020-37129 - Memu Play 7.1.3 - Insecure Folder Permissions
Memu Play 7.1.3 contains an insecure folder permissions vulnerability that allows low-privileged users to modify the MemuService.exe executable. Attackers can replace the service executable with a malicious file during system restart to gain SYSTEM-level privileges by exploiting unrestricted file mβ¦