Common Weakness Enumeration

CWE-1260

Allowed

Improper Handling of Overlap Between Protected Memory Ranges

Abstraction: Base · Status: Stable

The product allows address regions to overlap, which can result in the bypassing of intended memory protection.

27 vulnerabilities reference this CWE, most recent first.

CVE-2018-25240 (GCVE-0-2018-25240)

Vulnerability from cvelistv5 – Published: 2026-04-04 13:51 – Updated: 2026-04-06 19:05
VLAI
Title
Watchr 1.1.0.0 Denial of Service via Search
Summary
Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 8145 characters into the search bar and trigger a search operation to cause the application to crash.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-1260 - Improper Handling of Overlap Between Protected Memory Ranges
Assigner
Impacted products
Vendor Product Version
Watchr Watchr Affected: 1.1.0.0
Create a notification for this product.
Date Public
2018-01-18 00:00
Credits
0xB9
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-25240",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-06T19:02:53.925832Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-06T19:05:28.808Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Watchr",
          "vendor": "Watchr",
          "versions": [
            {
              "status": "affected",
              "version": "1.1.0.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "0xB9"
        }
      ],
      "datePublic": "2018-01-18T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 8145 characters into the search bar and trigger a search operation to cause the application to crash."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS"
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1260",
              "description": "Improper Handling of Overlap Between Protected Memory Ranges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-04T19:59:51.833Z",
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck"
      },
      "references": [
        {
          "name": "ExploitDB-46194",
          "tags": [
            "exploit"
          ],
          "url": "https://www.exploit-db.com/exploits/46194"
        },
        {
          "name": "Product Reference",
          "tags": [
            "product"
          ],
          "url": "https://www.microsoft.com/store/productId/9PN12GNX62VZ"
        },
        {
          "name": "VulnCheck Advisory: Watchr 1.1.0.0 Denial of Service via Search",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.vulncheck.com/advisories/watchr-denial-of-service-via-search"
        }
      ],
      "title": "Watchr 1.1.0.0 Denial of Service via Search",
      "x_generator": {
        "engine": "vulncheck"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "cveId": "CVE-2018-25240",
    "datePublished": "2026-04-04T13:51:07.827Z",
    "dateReserved": "2026-04-04T13:16:34.636Z",
    "dateUpdated": "2026-04-06T19:05:28.808Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2018-25238 (GCVE-0-2018-25238)

Vulnerability from cvelistv5 – Published: 2026-04-04 13:51 – Updated: 2026-04-06 18:02
VLAI
Title
VSCO 1.1.1.0 Denial of Service via Search
Summary
VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Attackers can paste a buffer of 5000 characters into the search bar and navigate back to trigger an application crash.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-1260 - Improper Handling of Overlap Between Protected Memory Ranges
Assigner
Impacted products
Vendor Product Version
vsco VSCO Affected: 1.1.1.0
Create a notification for this product.
Date Public
2018-02-14 00:00
Credits
0xB9
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-25238",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-06T17:54:12.768476Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-06T18:02:54.326Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "VSCO",
          "vendor": "vsco",
          "versions": [
            {
              "status": "affected",
              "version": "1.1.1.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "0xB9"
        }
      ],
      "datePublic": "2018-02-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Attackers can paste a buffer of 5000 characters into the search bar and navigate back to trigger an application crash."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS"
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1260",
              "description": "Improper Handling of Overlap Between Protected Memory Ranges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-04T19:59:50.254Z",
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck"
      },
      "references": [
        {
          "name": "ExploitDB-46385",
          "tags": [
            "exploit"
          ],
          "url": "https://www.exploit-db.com/exploits/46385"
        },
        {
          "name": "Product Reference",
          "tags": [
            "product"
          ],
          "url": "https://www.microsoft.com/store/productId/9NC1RLNH76PB"
        },
        {
          "name": "VulnCheck Advisory: VSCO 1.1.1.0 Denial of Service via Search",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.vulncheck.com/advisories/vsco-denial-of-service-via-search"
        }
      ],
      "title": "VSCO 1.1.1.0 Denial of Service via Search",
      "x_generator": {
        "engine": "vulncheck"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "cveId": "CVE-2018-25238",
    "datePublished": "2026-04-04T13:51:06.397Z",
    "dateReserved": "2026-04-04T13:15:48.251Z",
    "dateUpdated": "2026-04-06T18:02:54.326Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

GHSA-34CH-J427-VRM7

Vulnerability from github – Published: 2026-02-10 21:31 – Updated: 2026-02-10 21:31
VLAI
Details

Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-29948"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1260"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-10T20:16:44Z",
    "severity": "MODERATE"
  },
  "details": "Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity.",
  "id": "GHSA-34ch-j427-vrm7",
  "modified": "2026-02-10T21:31:31Z",
  "published": "2026-02-10T21:31:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29948"
    },
    {
      "type": "WEB",
      "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-37WW-CVHX-X8P9

Vulnerability from github – Published: 2026-04-04 15:30 – Updated: 2026-04-04 21:30
VLAI
Details

Microsoft Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 8145 characters into the search bar and trigger a search operation to cause the application to crash.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-25240"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1260"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-04T14:16:19Z",
    "severity": "MODERATE"
  },
  "details": "Microsoft Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 8145 characters into the search bar and trigger a search operation to cause the application to crash.",
  "id": "GHSA-37ww-cvhx-x8p9",
  "modified": "2026-04-04T21:30:26Z",
  "published": "2026-04-04T15:30:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-25240"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/46194"
    },
    {
      "type": "WEB",
      "url": "https://www.microsoft.com/store/productId/9PN12GNX62VZ"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/microsoft-watchr-denial-of-service-via-search"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/watchr-denial-of-service-via-search"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-5427-6CG5-37H6

Vulnerability from github – Published: 2025-03-04 15:31 – Updated: 2025-11-03 21:33
VLAI
Details

Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, and Firefox ESR < 128.8.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-1937"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1260"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-04T14:15:38Z",
    "severity": "HIGH"
  },
  "details": "Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 136, Firefox ESR \u003c 115.21, and Firefox ESR \u003c 128.8.",
  "id": "GHSA-5427-6cg5-37h6",
  "modified": "2025-11-03T21:33:04Z",
  "published": "2025-03-04T15:31:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1937"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1938471%2C1940716"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00006.html"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2025-14"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2025-15"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2025-16"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2025-17"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2025-18"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2025/03/10/6"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8M9X-GFWW-F5VW

Vulnerability from github – Published: 2026-03-21 15:33 – Updated: 2026-03-21 15:33
VLAI
Details

RealTerm Serial Terminal 2.0.0.70 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Port field. Attackers can paste a buffer of 1000 characters into the Port input field and click the open button to trigger a crash.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-25570"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1260"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-21T13:16:20Z",
    "severity": "MODERATE"
  },
  "details": "RealTerm Serial Terminal 2.0.0.70 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Port field. Attackers can paste a buffer of 1000 characters into the Port input field and click the open button to trigger a crash.",
  "id": "GHSA-8m9x-gfww-f5vw",
  "modified": "2026-03-21T15:33:24Z",
  "published": "2026-03-21T15:33:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25570"
    },
    {
      "type": "WEB",
      "url": "https://realterm.sourceforge.io"
    },
    {
      "type": "WEB",
      "url": "https://sourceforge.net/projects/realterm/files"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/46390"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/realterm-serial-terminal-denial-of-service-via-port-field"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-CPMC-G47Q-X324

Vulnerability from github – Published: 2022-05-24 16:53 – Updated: 2024-08-01 15:31
VLAI
Details

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1159.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-1164"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1260"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-08-14T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka \u0027Windows Kernel Elevation of Privilege Vulnerability\u0027. This CVE ID is unique from CVE-2019-1159.",
  "id": "GHSA-cpmc-g47q-x324",
  "modified": "2024-08-01T15:31:14Z",
  "published": "2022-05-24T16:53:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1164"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1164"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CQG2-35MM-6458

Vulnerability from github – Published: 2026-03-21 15:33 – Updated: 2026-03-21 15:33
VLAI
Details

NordVPN 6.19.6 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the email input field. Attackers can paste a buffer of 100,000 characters into the email field during login to trigger an application crash.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-25572"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1260"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-21T13:16:21Z",
    "severity": "MODERATE"
  },
  "details": "NordVPN 6.19.6 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the email input field. Attackers can paste a buffer of 100,000 characters into the email field during login to trigger an application crash.",
  "id": "GHSA-cqg2-35mm-6458",
  "modified": "2026-03-21T15:33:24Z",
  "published": "2026-03-21T15:33:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25572"
    },
    {
      "type": "WEB",
      "url": "https://downloads.nordcdn.com/apps/windows/10/NordVPN/latest/NordVPNSetup.exe"
    },
    {
      "type": "WEB",
      "url": "https://nordvpn.com"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/46343"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/nordvpn-denial-of-service-via-email-field-buffer-overflow"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-G8W3-F2WW-WPCC

Vulnerability from github – Published: 2026-04-04 15:30 – Updated: 2026-04-04 21:30
VLAI
Details

Microsoft VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Attackers can paste a buffer of 5000 characters into the search bar and navigate back to trigger an application crash.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-25238"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1260"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-04T14:16:19Z",
    "severity": "MODERATE"
  },
  "details": "Microsoft VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Attackers can paste a buffer of 5000 characters into the search bar and navigate back to trigger an application crash.",
  "id": "GHSA-g8w3-f2ww-wpcc",
  "modified": "2026-04-04T21:30:26Z",
  "published": "2026-04-04T15:30:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-25238"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/46385"
    },
    {
      "type": "WEB",
      "url": "https://www.microsoft.com/store/productId/9NC1RLNH76PB"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/microsoft-vsco-denial-of-service-via-search"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/vsco-denial-of-service-via-search"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-HWV9-R628-99XX

Vulnerability from github – Published: 2026-03-22 15:31 – Updated: 2026-03-22 15:31
VLAI
Details

GSearch 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting an excessively long string in the search bar. Attackers can paste a buffer of 2000 characters into the search field, click search, and select any result to trigger an application crash.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-25602"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1260"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-22T14:16:27Z",
    "severity": "MODERATE"
  },
  "details": "GSearch 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting an excessively long string in the search bar. Attackers can paste a buffer of 2000 characters into the search field, click search, and select any result to trigger an application crash.",
  "id": "GHSA-hwv9-r628-99xx",
  "modified": "2026-03-22T15:31:28Z",
  "published": "2026-03-22T15:31:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25602"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/47026"
    },
    {
      "type": "WEB",
      "url": "https://www.microsoft.com/store/productId/9NDTMZKLC693"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/gsearch-denial-of-service-via-search-input"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

Mitigation
Architecture and Design

Ensure that memory regions are isolated as intended and that access control (read/write) policies are used by hardware to protect privileged software.

Mitigation
Implementation
  • For all of the programmable memory protection regions, the memory protection unit (MPU) design can define a priority scheme.
  • For example: if three memory regions can be programmed (Region_0, Region_1, and Region_2), the design can enforce a priority scheme, such that, if a system address is within multiple regions, then the region with the lowest ID takes priority and the access-control policy of that region will be applied. In some MPU designs, the priority scheme can also be programmed by trusted software.
  • Hardware logic or trusted firmware can also check for region definitions and block programming of memory regions with overlapping addresses.
  • The memory-access-control-check filter can also be designed to apply a policy filter to all of the overlapping ranges, i.e., if an address is within Region_0 and Region_1, then access to this address is only granted if both Region_0 and Region_1 policies allow the access.
CAPEC-456: Infected Memory

An adversary inserts malicious logic into memory enabling them to achieve a negative impact. This logic is often hidden from the user of the system and works behind the scenes to achieve negative impacts. This pattern of attack focuses on systems already fielded and used in operation as opposed to systems that are still under development and part of the supply chain.

CAPEC-679: Exploitation of Improperly Configured or Implemented Memory Protections

An adversary takes advantage of missing or incorrectly configured access control within memory to read/write data or inject malicious code into said memory.