6.7
CVE-2020-37181 - Torrent FLV Converter 1.51 Build 117 - Stack Oveflow (SEH partial overwrite)
Torrent FLV Converter 1.51 Build 117 contains a stack overflow vulnerability that allows attackers to overwrite Structured Exception Handler (SEH) through a malicious registration code input. Attackers can craft a payload with specific offsets and partial SEH overwrite techniques to potentially exeβ¦
4.6
CVE-2020-37180 - GTalk Password Finder 2.2.1 - 'Key' Denial of Service
GTalk Password Finder 2.2.1 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character payload and paste it into the 'Key' field to trigger an application crash.
4.6
CVE-2020-37179 - APKF Product Key Finder 2.5.8.0 - 'Name' Denial of Service
APKF Product Key Finder 2.5.8.0 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character payload and paste it into the registration name field to trigger an application crash.
6.7
CVE-2020-37177 - BOOTP Turbo 2.0 - Denial of Service (SEH)
BOOTP Turbo 2.0 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the Structured Exception Handler (SEH). Attackers can generate a malicious payload of 2196 bytes with specific byte patterns to trigger an application crash and corrupt the SEH cβ¦
4.6
CVE-2020-37178 - KeePass 2.44 - Denial of Service (PoC)
KeePass Password Safe versions before 2.44 contain a denial of service vulnerability in the help system's HTML handling. Attackers can trigger the vulnerability by dragging and dropping malicious HTML files into the help area, potentially causing application instability or crash.
8.4
CVE-2020-37176 - Torrent 3GP Converter 1.51 - Stack Overflow (SEH)
Torrent 3GP Converter 1.51 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload targeting the application's registration dialog to trigger code execution and open β¦
4.6
CVE-2020-37175 - P2PWIFICAM2 for iOS 10.4.1 - 'Camera ID' Denial of Service
P2PWIFICAM2 for iOS 10.4.1 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the Camera ID input field. Attackers can paste a 257-character buffer into the Camera ID field to trigger an application crash on iOS devices.
8.7
CVE-2020-37173 - AVideo Platform 8.1 - Information Disclosure (User Enumeration)
AVideo Platform 8.1 contains an information disclosure vulnerability that allows attackers to enumerate user details through the playlistsFromUser.json.php endpoint. Attackers can retrieve sensitive user information including email, password hash, and administrative status by manipulating the usersβ¦
4.3
CVE-2026-25633 - Statamic's missing authorization allows access to assets
Statamic is a, Laravel + Git powered CMS designed for building websites. Prior to 5.73.6 and 6.2.5, users without permission to view assets are able are able to download them and view their metadata. Logged-out users and users without permission to access the control panel are unable to take advantβ¦
8.5
CVE-2020-37172 - AVideo Platform 8.1 - Cross Site Request Forgery (Password Reset)
AVideo Platform 8.1 contains a cross-site request forgery vulnerability that allows attackers to reset user passwords by exploiting the password recovery mechanism. Attackers can craft malicious requests to the recoverPass endpoint using the user's recovery token to change account credentials withoβ¦